Cyber Safety Glossary
Stealth, Polymorphic, and Armored viruses
There are many different types of computer viruses. Three of the most difficult to deal with are Stealth, Polymorphic, and Armored viruses.
These viruses hide the modifications they have made to files or boot records. When anti-Virus software scans the file, it may see only the original, not the stealth altered file. There are two common variations of the Stealth virus: File Stealth viruses hide file length changes; Full Stealth viruses hide their own length. Both of these “hide-the-length” strategies are designed to make the file look normal and unchanged to detection software.
These viruses produce copies of themselves that are all slightly different. The virus creator hopes that anti-Virus software won’t be able to identify all the different variations and that some will escape detection. Virus creators sometimes use software called a mutation engine to transform any virus into a polymorphic virus.
Placing “armor” around a virus makes it difficult and time consuming for computer experts to take the virus apart, understand how it works, and then design methods for defeating it. New forms of armor are constantly being developed by virus creators.
What can I do about these forms of viruses:
Have up-to-date firewall, anti-Virus and anti-Spyware software protecting your computer. Scan your computer for viruses weekly. Enable automatic updates of your operating system and Internet browser. Only download free software from reputable shareware sites. Do not open unsolicited email attachments. Don’t hesitate to have a professional service technician help you in case your computer does become infected.