Virus writers have adopted a new tactic to try to make sure their malicious programs reach as many victims as possible. Instead of releasing viruses intermittently, many creators of worms and trojans are pumping them out with increasing frequency.

For a while new variants of one virus, called Mytob, were appearing every hour. Some viruses appear in hundreds of different guises. The variants are appearing far faster than firms can analyse them and update their scanners to spot the malicious code.

The tactic seems to be paying off. Currently, Mytob variants are filling 14 of the positions in the Top 20 threats

Most Dangerous Variant : W32/Mytob.ch@MM
More Details : http://us.mcafee.com/virusInfo/default.asp...&virus_k=134221

I don't understand why people actually make and submit viruses. They are crippling the very essence of the whole Internet world. Without computers linked to each other, there will be no more Internet. Do they not realise this. And what is the actual motive behind it? Ok, sending hundreds of viruses to the likes of your previous employer and maybe the government may be a motive, but it is just childish and stupid.

It must also be a nightmare for hackers, they hack into someone's system and BANG! they have been infected and the computer starts blowing up.

Whoever makes a virus and sends it just needs locking up for life with no parole.

And thanks for the information. It is like judement day is coming (M^e knows what I am on about).

It seems to me that the variants should be closely related enough to set off the same heuristic antivirus software. If this is true, then all these variants don't really pose much more a threat than traditional viruses.

Hi all,
anti-virus scanners using "heuristic scanning" methods are totally defenseless against true "polymorphic" type viruses because the virus' "signature " is totally changed each time it "mutates". Thats precisely why the the whole "hurry to catchup" scenario by all the anti-virus companies exists. Unfortunately, there's probably never going to be a totally automated, 100% effective, scanning anti-virus program. As long as the enduser lets the computer make automated changes to the OS files (like Windows does).. the computer will always be vulnerable to attack.
RGPHNX

If the code is changed so drastically, then why is called a variant and not a new virus altogether?

This is bad! We must all switch to open source before its too late. Also, I don't see how creating viruses improves the life of those who create them. It just makes life miserable for us.

Hi again all,
re:
What a "heuristic" ID trys to identify is a part of the virus program that is UNIQUE to that particular virus. The other parts of the virus code (which often use some of the same instructions that other programs use [eg. Windows OS..etc] ) usually remain unchanged from one version to the next. If the anti-virus scanners tried to ID a piece of code that BOTH the virus and Windows used.. then.. the Windows program would also show up as a virus.
That's why the "new" versions of the virus are called "variants".. the ID part of the code has changed..but.. NOT.. the rest of the code which is not unique and therefore can't be used as a ID to identify the virus.
Hope this is clear
RGPHNX
ps- if you need a more detailed explaination you'll have to do some research on virus writing. There's lots of tutorials on the web.

No, that's pretty lucid. Thanks for the explanation.

Hi all.
re:
Thanks for the kudo/compliment. Glad to be of help.
Also, Nice to know that there's other people here who will do a little "hard core" reading to get at the truth.
Hope the explaination will help others also.
Cheers to all
RGPHNX