Saturday, November 11, 2006

Mutating malware evades detection

Mutating malware evades detection: "Hackers are using increasingly sophisticated methods to ensure that the malware they develop is hard to detect and remove from infected systems, security researchers warned at this week's Computer Security Institute (CSI) trade show. The most popular of these approaches involve code mutation techniques designed to evade detection by signature-based malware blocking tools, code fragmentation that makes removal harder, and code concealment via rootkits. Unlike mass-mailing worms such as MS Blaster and SQL Slammer, most of today's malware programs are being designed to stick around undetected for as long as possible on infected systems, said Matthew Williamson, principal researcher at Sana Security. The goal in developing such malware is not to simply infect as many systems as possible but to specifically steal usage information and other data from compromised systems, he said."
