Category: Uncategorized

GIANT CODE. "Imagine a random change that results in the macro code becoming very large, either as the result of several layers of merged code or additional polymorphisms. This can easily exhaust typical scanning engines for macro viruses due to memory limitations reserved for the macro code within the engines. As a consequence, an evolved copy can potentially escape just by being too large." https://lnkd.in/dGC6A7c View in LinkedIn

DORMANT CODE. "During a mode of viral reproduction termed “lysogenic”, viruses such as bacteriophages integrate their genome into the host’s genome and become dormant. When such viruses convert back to the lytic (aggressive) mode of reproduction, they excise themselves from the genome." https://lnkd.in/dGC6A7c View in LinkedIn

CHIMERIC CODE. "In the event of coinfection, the excised viral genome might be a combination of more than one viral strain leading to the creation of chimeric viral particles." https://lnkd.in/dGC6A7c View in LinkedIn

CO-INFECTION. "A form of evolution was observed in macro viruses, which often merge their code base into a document. Often the file has a clean macro, and a virus with a set of macros. In addition, another virus may insert its set of macros at the same time, leading to viral macro code merging with both viral and clean macro code. In biology, this phenomenon is quite common, and known as coinfection." https://lnkd.in/dGC6A7c View in LinkedIn

COLD COMFORT. “The probability of extensive random corruption of a block of 1000 bits generating an exact match against the 1000 bit test virus is 1/2(1000) or ~10(-301)." Perhaps, however, this is not the right question. https://lnkd.in/dXsqH3b View in LinkedIn

SHARING GENES. "Even complete functionality might be snatched from another clean program, or another virus as well. As previously predicted, a cooperation protocol can enhance sharing of features between malicious executables as well. Code snatching is a tried and true function of almost all biological organisms." https://lnkd.in/dGC6A7c View in LinkedIn

RANDOM MUTATED CODE. "A limited number of random mutation of computer viruses have been recorded, caused by data corruption in transit, or by a failure of system memory or disks. One example is the single byte modification in the 1704 strain of the IBM Cascade virus, detected in Yugoslavia. This has been attributed to random corruption rather than to deliberate modification. Some newer viruses incorporate self-correcting codes to avoid such in-transit corruption." https://lnkd.in/dXsqH3b View in LinkedIn

HYBRID CODE. "It is conceivable that an evolutionary function in the malware could snatch clean or malicious code from other programs. It could integrate code from other programs by identifying function prolog and epilog code." https://lnkd.in/dGC6A7c View in LinkedIn

HORIZONTAL GENE TRANSFER. "It is easy to see why mutating binary code would make it rather impossible to discover new functionality: the fraction of neutral changes is just too low. On the contrary, integration of pieces of functional code and/or importing functions and APIs available in the computer environment have a much higher probability of being neutral, and very rarely even beneficial." https://lnkd.in/dGC6A7c View in LinkedIn

BREEDING MALWARE. "A threat might be able to snatch code from another program in its environment. We have seen examples of a virus like Pinfi jumping on top of worms to replicate in new environments as a combination threat. Security products do not always recognize the worm once it is infected with a virus, and the combination helps the survival of both threats." https://lnkd.in/dGC6A7c View in LinkedIn