Trouble is coming - Case in point.
For those who have read a few posts I have made here in the past about what certainly is coming down the pipe (because I feel that most of the releases in the past year are nothing more than tests for horribleness yet to come), I have gathered some info from a very reliable source about polymorphic viruses that will be coming to a theatre near you...
For reference purposes:
Author: Dr3f (You probably don't know him -- I only know of one other virus that he has coded - WM.NotFam)
Name of virus: Win32.Voltage
Detected: Not yet.. he says it 'may' be in the wild, but he hasn't released it yet.
It is written in ASM and is about 3800 lines of code (I don't have the source.. but that is how long he said it was)
Description: (From Dr3f) My new worm has the following capabilities: global resident, PE\RAR infector, polymorphic with EPO feature, has mail worm that spoofs address, that sends itself to all temp inet files addresses and to all friends in the WAB.
Win32.Voltage is infected over a script encoder in this sample.
It drops a copy of the original virus under the name wvltg.exe into the system directory.
I found this interesting as it is a polymorphic, file infecting, mass mailing worm. There aren't many of these floating around.