Vishwath Mohan and Kevin Hamlen at the University of Texas at Dallas recently created Frankenstein, software that creates unique malware by combining code from the applications it finds on a PC.
“Once Frankenstein finds itself on a computer, it starts looking for specific pieces of code from programs such as popular web browsers and even Notepad,” writes Softpedia’s Eduard Kovacs. “These elements, called gadgets, ultimately create malware that’s capable of performing certain tasks. ”
“Frankenstein follows pre-written blueprints that specify certain tasks — such as copying pieces of data — and swaps in gadgets capable of performing those tasks,” writes New Scientist’s Jacob Aron. “Such swaps repeat each time Frankenstein infects a new computer, but with different gadgets, meaning that the malware always looks different to antivirus software, even if its ultimate effects are the same.”
“In Windows Explorer alone, Frankenstein found nearly 90,000 gadgets (snippets of code that perform specific actions) in just over 40 seconds, which means that malware created by the system would have a huge number of possible variations, work quickly, and be very difficult to detect,” writes The Verge’s Kimber Streams.
“The research was part funded by the US Air Force and presented at the USENIX Workshop on Offensive Technologies in Washington earlier this month,” writes HEXUS.net’s Mark Tyson. “Kevin Hamlen, one of the researchers, said that Frankenstein could be useful to infiltrate enemy computer systems with unknown antivirus defences.”