Stealth malware masquerading as harmless code evades anti-virus detection

Security issues are always a matter of concern. Malware and loads of unwanted software are propagating at a greater pace than essential and useful programs. Unless you are an expert, you can’t distinguish between the good and bad in the software arena. Researchers at Microsoft’s Malware Protection Centre have now found a new grade of malware that deceives security software and go through the barrier, which later undergo mutation and become malicious.

The new kind of malware is nothing like the ones we know, it  never prompts you to download files or try to infest your device by executing the file. It works adopting the mighty stealth as its weapon, downloading itself as harmless codes. The researchers found that the codes are harmless even after they let them execute.

But when logged into internet, the application starts downloading files from other websites on its own. The files are involuntarily copied into the Windows system folder as ‘misys.exe’ to initiate hazards.

The malware would evade a straightforward analysis, so an amateur analysis won’t help tracking the malware and even expert would find it hard to trace them. Even a static analysis wouldn’t be sufficient.

The malware works by adding instruction, mainly x86 instructions, to its own downloader directory, rather than disturbing the registry keys. Executing the downloaded instructions, the ‘downloader’ gets the malware functionality.

The basic malware tool is sufficient to create this kind of malware, hence it could spread in a short span. It is possible to configure the malware to export files from an infected system, so it could have devastating effects. However, a new set of anti-malware tools have been integrated into Microsoft’s anti-virus products. So, take a deep sigh and relax.