Viruses and worms are evolving into Frankenmalware

Security researcher Loredana Botezatu claims that BitDefender has found “no less than 40,000 such malware symbioses out of a sample pool of 10 million files.” She believes that most of these have evolved naturally, but is concerned that they pose a new and worrying threat. “Although this happens unintentionally, the combined features from both pieces of malware will inflict a lot more damage than the creators of either piece of malware intended.”

The research describes a specific example it has found: the Rimecud worm infected with the Virtob file infector. It describes a potentially worrying scenario. “That PC faces a twofold malware with twice as many command and control servers to query for instructions; moreover, there are two backdoors open, two attack techniques active and various spreading methods put in place. Where one fails, the other succeeds.”

Furthermore, if you get one of these hybrids on your system, “you could be facing financial troubles, computer problems, identity theft, and a wave of spam thrown in as a random bonus,” says Loredana Botezatu. “The advent of malware sandwiches throws a new twist into the world of malware. They spread more efficiently, and will become increasingly difficult to predict.”

Should we be afraid? Well, we need to look at this objectively. One effect highlighted by the report is that the new Frankenmalware changes the detection signature of both the original virus and the original worm, making it impossible to detect. But malware does this all the time, either by the application of a malware kit or sometimes via code within the malware itself. Anti-virus products are designed to detect such ‘new’ malware by its actions rather than its signature.

So the bottom line is this. BitDefender’s research is accurate. What it dubs Frankenmalware is inevitable. Theoretically, everything it describes is a possible outcome. But while the evolution might be factual, the potential threat is hypothetical. Malware plus malware is still malware; neither more nor less. And the anti-malware industry, including BitDefender, is very good at controlling it.
