Metamorphic virus

Virus that changes its own code with each infection

A metamorphic virus is one that is capable of rewriting its own code with each infection, or generation of infections, while maintaining the same functionality.

The rewriting process allows each infection to appear different from others, but the changes are not supposed to affect the functionality of the code. This is intended to avoid detection by anti-malware software, but can usually be overcome via emulation or other techniques, and in many cases is deployed in a flawed manner leading to large numbers of misinfections. The complex technology required to do the rewriting is known as a metamorphic engine, and the same such engine may be implemented in several different virus variants.

The term is often used interchangeably with polymorphic virus.

Poll

Should anti-virus software be free for personal use?
Yes
No
I don't know

Leave a comment
View 43 comments
Jobs Career Sidebar

Virus Bulletin

In this month's magazine:
  • Co-operation is the only way
  • XXX racted
  • Your filters are bypassed: Rustock.C in the kernel
  • Family matters
  • The Ottawa rules
  • DriveSentry Desktop 3.1/3.2 & GoAnywhere 1.0.2/2.0
  • The problem of backscatter – part 3
Virus Bulletin 10 2008
Subscribe now!
Virus Bulletin currently has 144,119 registered users.