Computer Security Frankenstein Virus Produces Malware By Stealing Code from...

Frankenstein Virus Produces Malware By Stealing Code from Legit Software

frankenstein computer virus

Computer viruses have always been a hunting, and usually mysterious, creation aimed at attacking a computer in some form. Most viruses, as we have known to discover over the years, have been a creation by a hacker who wants to perform specific actions that yield extra money in their pockets. Commonly, these viruses, once identified, could be easily detected provided you were armed with an antivirus solution. The Frankenstein Virus, on the other hand, is a new breed altogether that could render itself nearly undetectable.

Conceived by Vishwath Mohand and Keven Hamlen at the University of Texas at Dallas, the Frankenstein Virus was created to demonstrate the potential for hard-to-detect viruses. In the case of Frankenstein Virus, it was put together from benign code borrowed from ordinary programs. You can literally think of the Frankenstein Virus being created just like the Frankenstein monster, hence its name, where bits of body parts where used from ordinary individuals to create what we conceive as a monster. The Frankenstein Virus is not much different from that conception only it uses, for obvious reasons, computer code from ordinary programs.

Frankenstein Virus's creation would ultimately show that it is possible to construct any computer program in an instance where enough gadgets are given. These gadgets are short instructions that perform a specific type of small task. Hamlen and Mohan, the masterminds behind the Frankenstein Virus, could build working malware code by means of two simple algorithms from two gadgets. The creation will be reminiscent of a simple malware threat, the basic logic that real malware would use to unpack itself. Hamlen says, "We consider this a strong indication that this could be scaled up to full malware."

The Frankenstein Virus follows pre-set blueprints that tell it to perform certain tasks. These tasks are rather simple, such as copying pieces of data and swap in gadgets capable of performing those tasks. As a bonus, the Frankenstein Virus would be difficult to detect due to its ability to swap gadgets each time it infects a new computer. Antivirus software would not detect such a threat because the virus would always look different, even though the end-effects are the same.

We must also understand the complexity and potential threat a virus such as Frankenstein Virus could cause. All it takes is three different pieces of software and the Frankenstein Virus could provide over 100,000 gadgets. What it comes down to is the Frankenstein Virus being the ultimate monster from just a concise blueprint and gadget-finder, so it can adapt to look like parts of regular software. That in itself would make Frankenstein Virus virtually undetectable. In other words, all of the distinctive signatures of viruses or malware would be lacking in Frankenstein Virus. Antivirus software would have to rely on looking for signatures that match sequences of gadgets or the behavior of the program instead of its coding.

Experts believe that a virus such as Frankenstein could be a serious adversary for current antivirus software. Most antivirus software heavily relies on identifying distinctive signatures of malware. With Frankenstein Virus, those signatures will be missing and all it could go on is looking for signatures matching sequences of gadgets.

Hamlen and Mohand's research was partly funded by the US Air force where they demonstrated a threat could be particularly used for national security agencies attempting to infiltrate enemy systems using traditional antivirus defenses. We would conclude that the Frankenstein Virus makes for a compelling feat if such a need arises for national security agencies. We just hope Frankenstein does not end up in the wrong hands or we could we have a serious monster on our hands, literally.

Loading...