Do virus writers still attempt to make metamorphic or polymorphic code or have antiviruses over come this?
Out of curiosity, why are all metamorphic and polymorphic viruses file-infectors? Wouldn’t it be a lot simpler to make a standalone program (worm) that rewrites itself? Furthermore for a file-infector to work it needs to know whether it has infected a file before, which would be difficult.
Do virus writers still attempt to make metamorphic or polymorphic codeWell yeah, Polymorphic would be easier to write. Reason: if the goal is for going undetected (like hiding from a traditional av scanner: basically blacklist detecting) why make it more complex then needed. I won't get into the specifics as this isn't a malware programming forum >:-D
have antiviruses over come this?Depending on the AV, but to keep it as simple as possible. Yes to some degree.
file-infector to work it needs to know whether it has infected a file beforeIt all depends on how its coded. example just infecting executable files or a specific ones like .bat files in a certian and/or all folders :o
Wouldn't it be a lot simpler to make a standalone program (worm) that rewrites itself?Of course
What is?
Most certainly not this forum.