Metamorphic virus

Virus that changes its own code with each infection

A metamorphic virus is one that is capable of rewriting its own code with each infection, or generation of infections, while maintaining the same functionality.

The rewriting process allows each infection to appear different from others, but the changes are not supposed to affect the functionality of the code. This is intended to avoid detection by anti-malware software, but can usually be overcome via emulation or other techniques, and in many cases is deployed in a flawed manner leading to large numbers of misinfections. The complex technology required to do the rewriting is known as a metamorphic engine, and the same such engine may be implemented in several different virus variants.

The term is often used interchangeably with polymorphic virus.

Glossary


	Similar entries Adware Appender Backdoor Blended threat Boot sector virus Bot Botnet Cavity filler Chain letter Clicker Companion virus Data diddler DDoS Dialler Dictionary attack Directory harvesting DoS Downloader Drive-by download Exploit File infector virus Fork bomb Hoax Intended virus Joke Keylogger Logic bomb Macro virus Malware Mass-mailer Mid-infector Misinfection Multipartite virus Password stealer Pharming Polymorphic virus Prepender Ransomware Rootkit Smurf attack Spyware Trojan Virus Wabbit Worm Zip bomb Zombie See also Glossary Resources

Quick Links

Poll

Do current laws offer enough protection for ethical ('white-hat') hackers?
Leave a comment
View 4 comments

Virus Bulletin


	In this month's magazine: VBSpam comparative review March 2013 VB100 comparative review on SUSE Linux Enterprise Server 11 Java security in the era of BYOD Ogee whiz A deeper look into the ZeroAccess clickbot Pushdo's new second generation Shellcoding ARM: part 3 Phishing and fraud: the make-believe industry Subscribe now!

Virus Bulletin currently has 227,267 registered users.

Covering the global threat landscape

Metamorphic virus

See also