Content deleted Content added
Cyberkiborg (talk | contribs) →Malicious code: I have added new data |
Cyberkiborg (talk | contribs) →Malicious code: Added links |
||
Line 16:
Emulation may be used to defeat polymorphic obfuscation by letting the malware demangle itself in a virtual environment before utilizing other methods, such as traditional signature scanning. Such a virtual environment is sometimes called a [[Sandbox (computer security)|sandbox]]. Polymorphism does not protect the virus against such emulation if the decrypted payload remains the same regardless of variation in the decryption algorithm. [[Metamorphic code]] techniques may be used to complicate detection further, as the virus may execute without ever having identifiable code blocks in memory that remains constant from infection to infection.
The first known polymorphic virus was written by Mark Washburn. The virus, called [[1260 (computer virus)|1260]], was written in 1990.<ref>{{Cite web |title=An Example Decryptor of 1260 |url=https://userpages.umbc.edu/~dgorin1/432/example_decryptor.htm |access-date=2025-03-21 |website=userpages.umbc.edu}}</ref> A better-known polymorphic virus was created in 1992 by the hacker [[Dark Avenger]] as a means of avoiding pattern recognition from antivirus software. A common and very virulent polymorphic virus is the file infecter [[Virut]].
By 2024, polymorphic viruses backed by artificial intelligence have reportedly become one of the key cyber threats. AI allows such viruses to mutate more effectively, making them even more difficult to detect and combat.<ref>{{Cite web |date=2023-12-07 |title=The cyber threatscape in 2024: polymorphic malware will be enabled by AI |url=https://resilienceforward.com/the-cyber-threatscape-in-2024-polymorphic-malware-will-be-enabled-by-ai/ |url-status=live |access-date=2025-03-21 |website=resilienceforward.com |language=en-GB}}</ref>
| |||