Adaptive Malware

Some types of malware excel at evading detection techniques by using built-in logic that looks to see whether or not certain kinds of protection capabilities are in place, according to Johnnie Konstantas, senior director, enterprise cybersecurity group at Redmond, Wash.-based Microsoft.

The adaptive malware is usually looking for detection capabilities that are specific to a particular vendor, Konstantas said. If code from that particular vendor is present, Konstantas said the malware either moves on or tries a different method that it knows the vendor isn't capable of spotting.

Bad actors have, in some cases, been able to reverse-engineer a vendor's malware detection process thanks to increased collaboration among hackers as well as the sharing of tools, code and methods, Konstantas said. By obtaining a very deep understanding of how a vendor's protections are supposed to work, Konstantas said the bad actors are therefore able to write code that evades it.