Virus authors 'pack' malware to avoid detection

Virus authors 'pack' malware to avoid detection


All the top 10 threats this month used the same packing method

A variety of malware threats, rather than one specific virus, dominated the security landscape this February, according to security firm BitDefender.

However, the company said that all the threats in its Top 10 Malware List for February used the same packing method to obfuscate the payload.

"Virus writers use packers to decrease the size of the virus and to increase the cost of analysis," said Sorin Dudea, head of BitDefender AV Research.

"Unpacking something packed in an as-yet unknown manner takes a lot of time and skill."

Malware using this single packing method accounted for 37.02 per cent of all detections in February.

The Peed/Storm Trojan dominated the list at 16.88 per cent of total detections for the month. This was a strong resurgence given the Trojan's absence from the January list.

The proliferation of the Windows WMF vulnerability appeared to decrease during the month, as viruses using its signature accounted for only 5.33 per cent of total detections.

Lower on the list are a host of much older mass mailer viruses, which Dudea described as "on their way to irrelevancy".

These viruses account for approximately six per cent of total detections, more than half of which are a result of Netsky.P.

"By this point, I think it is safe to say that Netsky.P is the most widespread mass mailer virus of all time," said Dudea.