What Are Stealth Viruses and What Can You Do About Them?

By Sydney Butler / December 2, 2020

Most people have heard of viruses, but within that category of malware, there are many variations. Stealth viruses are quite possibly some of the most dangerous and tricky threats to deal with. As you can tell from the name, stealth viruses are all about hiding.

They achieve their stealth in ingenious ways and can hide from your antivirus. Sounds scary, right? Let's take a closer look at these elusive malicious programs.

What Is "Stealth" in Cybersecurity?

In common parlance, the concept of "stealth" is usually taken to mean "invisible." However, there is, of course, nothing like a truly invisible malicious program. So when we speak of "stealth" in the cybersecurity sense, it really refers to the various ways in which malicious code disguises itself.

However, stealth viruses go even further than this and can have active countermeasures against antivirus software. They don't just disguise themselves; they also hide from active detection attempts.

The Stealth Virus Playbook

Viruses usually don't stand alone. Instead, they latch onto other files and execute their code by sneaking in along with the legitimate code of the program they've infected. Stealth viruses also do this, but they actively block detection by hiding the evidence of the infection or literally moving out of the way of the scan.

They do this by hiding the true file size of the files they've infected or copying themselves to a section of storage that's already been scanned or isn't being scanned, leaving a clean version of the infected file behind.

What Damage Can Stealth Viruses Do?

What a virus is designed to do on a system is known as its payload. Stealth viruses and other types of viruses don't really differ in this regard. The payload of a virus can, in general, be anything - which means that some viruses are harmless and others can be incredibly destructive.

It's becoming less common for viruses to be blindly destructive. At least not on purpose. Usually, there's some specific monetary gain or another objective that benefits the virus author. Stealing private information or credentials is probably the most common. So a virus might spend its time watching what you do and then send that information back home.

A virus can also act as the first attack of an onslaught, opening up the doors for other types of malware, such as keyloggers or whatever else the virus authors decide to do once they have control of your system.

Some harms done by viruses are just a byproduct of their nature. Viruses can take over and corrupt system processes. They can take up resources, depending on what their payload is. Some viruses are poorly written and cause crashes or other conflicts with the operating system.

These harms aren't what the author wanted the virus to cause, and they can even interfere with the correct function of the virus itself. Intended or not, they're a serious problem on their own.

How Stealth Viruses Infect Your Computer

There is nothing particularly special about the way stealth viruses infect computers compared to other more conventional virus designs. A common infection vector is the classic infected email attachment or compromised download.

These viruses can also be installed on your computer through so-called drive-by downloads, where a seemingly legitimate application lets the virus take advantage of its own sanctioned execution.

How to Defend Against Stealth Viruses

The best defense against a stealth virus is exactly the same as with regular viruses. It's best not to get infected in the first place. It's actually much more important to prevent infection when it comes to stealth viruses since many antivirus programs are simply not going to see it and offer no protection.

The easiest way to reduce the risk of infection is to avoid running suspicious software. Don't run applications that come from sources you can't trust 100%. Don't run applications from USB drives you don't know, don't visit websites that aren't known to be safe - that sort of thing.

When it comes to actual antivirus software, things get trickier. The reason we want to emphasize prevention with stealth viruses in particular is that they can be hard to get rid of. Perhaps not as hard as boot sector or BIOS viruses, but still a pain.

Advanced modern antivirus packages can deal with some stealth virus tactics, but the most effective way to get rid of one of these viruses is to boot from a clean bootable disc instead of your internal boot disk. Then use an antivirus package from that disc to clean your system.
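The clean-boot advice works because a stealth virus can only falsify what the running, infected system reports about its files. As an added example (not from the original article), the Python sketch below compares a file manifest recorded on the live system with one recorded from clean boot media and flags files whose size or content differs between the two views. The function names are hypothetical, and the two temporary directories in demo() are constructed stand-ins for the two views.

```python
import hashlib
import os
import tempfile


def build_manifest(root):
    """Map each file's path (relative to root) to (size, SHA-256 of content)."""
    manifest = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            digest = hashlib.sha256()
            with open(full, "rb") as fh:
                for chunk in iter(lambda: fh.read(65536), b""):
                    digest.update(chunk)
            rel = os.path.relpath(full, root)
            manifest[rel] = (os.path.getsize(full), digest.hexdigest())
    return manifest


def cross_view_diff(live, offline):
    """Compare the manifest taken on the running system with the one taken
    from clean boot media and return (path, reason) findings."""
    findings = []
    for path in sorted(set(live) | set(offline)):
        if path not in live:
            findings.append((path, "only visible offline"))
        elif path not in offline:
            findings.append((path, "only visible on live system"))
        elif live[path][0] != offline[path][0]:
            findings.append((path, "size differs between views"))
        elif live[path][1] != offline[path][1]:
            findings.append((path, "content differs between views"))
    return findings


def demo():
    """Constructed sample: two temp directories stand in for the two views."""
    with tempfile.TemporaryDirectory() as live, tempfile.TemporaryDirectory() as off:
        for root, app_bytes in ((live, b"A" * 100), (off, b"A" * 100 + b"B" * 40)):
            with open(os.path.join(root, "app.exe"), "wb") as fh:
                fh.write(app_bytes)
            with open(os.path.join(root, "notes.txt"), "wb") as fh:
                fh.write(b"unchanged")
        with open(os.path.join(off, "hidden.bin"), "wb") as fh:
            fh.write(b"x")
        return cross_view_diff(build_manifest(live), build_manifest(off))


if __name__ == "__main__":
    for path, reason in demo():
        print(f"{path}: {reason}")
```

Files that legitimately change between the two snapshots, such as logs, will also show up, so the comparison is most useful when limited to programs and system files that should stay the same.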

Sneaky, Sneaky!

Inevitably, there will always be an arms race between virus authors and those who make antivirus software. Virus creators come up with new ways to evade detection, and the antivirus has to become smarter as well. This is one of the reasons the best modern antivirus systems use artificial intelligence and heuristic detection systems.

It doesn't stop at stealth viruses either. The rising threat of polymorphic and metamorphic viruses adds to the chaos and challenge. All we can do is hope the habits and software that protect us can stay at least one step ahead.
