View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Microsoft detects symbiotic malwares which help each other to survive

Once malwares infect a PC, they allow hackers to take over a PCs.

By CBR Staff Writer

Microsoft researchers have detected a pair of computer malwares known as Vobfus and Beebone, which work in a symbiotic relationship with each other and avoid being detected by anti-virus software.

The research revealed that if one of the malwares gets detected and destroyed by some anti-virus software, the second would automatically download another version that may go undetected.

Microsoft researcher Hyun Choi said that Vobfus is a Visual Basic malware compiled either in p-code (pseudo code) or native code.

"Based on our observations, Beebone variants then download other variants of Vobfus, creating an infection cycle that means where you see one of these families, you’ll often see the other," Choi said.

"Updated antivirus products may detect one variant present on the system; however, newer downloaded variants may not be detected immediately.

"A typical self-updating malware family that just updates itself can be remediated once it is detected, because once removed from the system it cannot download newer versions of itself."

Once the system gets infected, the viruses would report back to the command and control servers (C&C) and start downloading other viruses, and also allow hackers to take over a machine.

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

"This cyclical relationship between Beebone and Vobfus downloading each other is the reason why Vobfus may seem so resilient to antivirus products," Choi added.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.