Alex Hinchliffe, principal threat researcher at Unit 42, the threat intelligence and incident response arm at Palo Alto Networks, says, “Very basic or specific detection mechanisms, such as hash-based scanners, are thwarted by polymorphism but it’s worth noting that each time a malicious program is compiled — e.g., into an executable — it will yield a new unique fingerprint or hash. Add to this the plethora of free and commercially available compressor, packer, and protector tools, which can be applied to a compiled program, and the ‘same’ program will yield yet more variations and permutations of the same fingerprint.”
Polymorphic malware also often uses encryption to hide its payload, further complicating detection and analysis.
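The following added example is not from the article or from Unit 42. It uses constructed, harmless byte strings to show why an exact hash match fails across rebuilds of the "same" program while a byte n-gram similarity score (a technique brought in here for contrast, not named in the article) still links them, and why an encoded payload defeats that static comparison as well. The function names, the sample "builds" and the single-byte XOR stand-in for encryption are all assumptions made for illustration.

```python
import hashlib

def sha256_hex(data: bytes) -> str:
    """Exact fingerprint, as used by a hash-based scanner."""
    return hashlib.sha256(data).hexdigest()

def ngrams(data: bytes, n: int = 4) -> set:
    """Set of all overlapping n-byte substrings."""
    return {data[i:i + n] for i in range(len(data) - n + 1)}

def jaccard(a: bytes, b: bytes, n: int = 4) -> float:
    """Share of n-grams two samples have in common (0.0 to 1.0)."""
    ga, gb = ngrams(a, n), ngrams(b, n)
    union = ga | gb
    return len(ga & gb) / len(union) if union else 1.0

def build(timestamp: bytes) -> bytes:
    """Constructed stand-in for a compiled program: header, build time, body."""
    body = b"".join(b"routine_%03d:load;check;store;" % i for i in range(40))
    return b"HDR0" + timestamp + body

def xor_encode(data: bytes, key: int) -> bytes:
    """Stand-in for an encrypted payload (illustrative, not real encryption)."""
    return bytes(b ^ key for b in data)

def compare() -> dict:
    """Compare two rebuilds and one encoded copy against the first build."""
    first = build(b"2024-01-01T00:00:00")
    rebuilt = build(b"2024-06-30T12:34:56")   # same code, new build time
    encoded = xor_encode(first, 0xA5)          # same code, hidden bytes
    return {
        "hash_match_rebuilt": sha256_hex(first) == sha256_hex(rebuilt),
        "similarity_rebuilt": jaccard(first, rebuilt),
        "hash_match_encoded": sha256_hex(first) == sha256_hex(encoded),
        "similarity_encoded": jaccard(first, encoded),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name}: {value}")
```

The rebuilt sample misses the hash list but scores high on similarity, while the encoded sample scores zero on both, which is why static matching alone is not enough once the payload is hidden.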
Depreciated malware techniques
Some noticeable trends reflect a “downturn” in both types of malware and hacking techniques that have fallen out of fashion, mainly because their effectiveness has decreased due to advances in security defenses and practices.