Sophisticated polymorphic malware is on the rise

By Paul Wood

Recent research from the July 2011 Symantec Intelligence Report found cyber criminals are more aggressive than ever before when it comes to spreading malware over e-mail using more sophisticated polymorphic techniques designed to bypass more traditional anti-virus defences.


Polymorphic malware uses variations of the same code by employing different encoding techniques, making it harder to detect as each new variation may require its own signature in order to identify it correctly.
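To make the signature problem concrete, here is an added example (not code from the original article or from Symantec) using a deliberately harmless text string as a stand-in payload and a toy single-byte XOR re-encoding, both constructed for illustration. It shows that every re-encoded variant has a different file hash, so a hash- or byte-pattern signature written for one variant misses the others, whereas a detection that normalizes the content first (decoding it with the key the variant itself carries) or keys on the invariant decoder stub catches all of them. The `XORDEC:` header format is an assumption of this example, not a real malware format.

```python
import hashlib

# Constructed, benign stand-in for the content a polymorphic family re-encodes.
PAYLOAD = b"harmless stand-in content for a constructed polymorphism demo"
STUB = b"XORDEC:"  # assumed toy 'decoder stub' marker, invariant across variants


def xor_encode(data: bytes, key: int) -> bytes:
    """Single-byte XOR; applying it twice with the same key restores the input."""
    return bytes(b ^ key for b in data)


def make_variants(keys):
    """Build one variant per key: stub marker, one-byte key, then encoded body.

    Each variant carries the same underlying content, only the encoding differs.
    """
    return [STUB + bytes([k]) + xor_encode(PAYLOAD, k) for k in keys]


def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def hash_signature_hits(variants, known_hashes) -> int:
    """Traditional per-sample signature: count variants whose file hash is known."""
    return sum(sha256(v) in known_hashes for v in variants)


def normalized_hash(sample: bytes):
    """Decode the body with the key carried in the stub and hash the decoded content.

    Returns None for inputs that do not carry the toy stub format.
    """
    if not sample.startswith(STUB) or len(sample) <= len(STUB):
        return None
    key = sample[len(STUB)]
    body = sample[len(STUB) + 1:]
    return sha256(xor_encode(body, key))


def structural_hits(variants) -> int:
    """Detection keyed on the invariant decoder stub rather than the encoded body."""
    return sum(v.startswith(STUB) for v in variants)


def compare_detections(keys):
    """Summarize how each detection approach fares across all variants."""
    variants = make_variants(keys)
    # Defender has a signature for the first variant only (the realistic case).
    known = {sha256(variants[0])}
    return {
        "variants": len(variants),
        "distinct_file_hashes": len({sha256(v) for v in variants}),
        "hash_signature_hits": hash_signature_hits(variants, known),
        "distinct_normalized_hashes": len({normalized_hash(v) for v in variants}),
        "structural_hits": structural_hits(variants),
    }


if __name__ == "__main__":
    for name, value in compare_detections([0x1F, 0x5A, 0x99, 0xC3]).items():
        print(f"{name}: {value}")
```

The numbers tell the story the article describes: four variants, four distinct file hashes, one hit for the per-sample signature, but a single normalized hash and four structural hits. Real families use far richer encoders than a one-byte XOR, which is why the practical defences lean on emulation, behavioural monitoring, and reputation rather than on enumerating every variant.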

According to the July 2011 Symantec Intelligence Report, one in 280.9 e-mails globally was identified as malicious. In Canada the rate was higher, with one in 255.9 e-mails deemed malicious.

In the U.S. it was lower, at one in 634.8. Since February, the proportion of e-mail-borne malware that is polymorphic in this new, especially aggressive form has more than doubled around the world, from 10.3 percent to 23.7 percent in July.

This new wave of aggressive polymorphic malware is a danger to any Internet user because of its manifold variety, often making it difficult for traditional security defences to detect.

The malware is frequently sent over e-mail disguised as an attached ZIP archive file, PDF file or a seemingly harmless office document. One of the more recent examples of a malware attack using polymorphic techniques is one that’s disguised as correspondence from parcel carriers and courier-based delivery services.

[Figure: Examples of recent malicious e-mails using sophisticated polymorphic techniques]
With attackers’ intentions remaining the same – to take over control of users’ computers and collect personal information for financial gain – they have become more aggressive in their techniques, which has resulted in this explosion in dangerous malware variants and strains.

As malware threats continue to evolve, it’s important for businesses and end-users to protect themselves with solutions such as comprehensive endpoint security and data loss prevention, which help prevent data breaches and add an extra layer of security. Users should also encrypt sensitive data, implement strong passwords, and adopt IT policies governing e-mail attachment handling and the use of removable media.


Paul Wood is a MessageLabs Intelligence Senior Analyst at Symantec Hosted Services.
