ABSTRACT
Ashes to Ashes, Bytes to Bytes: The Malware Life Cycle A useful construct in discussion of antimalware solutions is the “malware life cycle,” which starts with the creation of a variant of malware and ends with the termination of the last remaining instance of that malware in the wild. For some forms of malware (such as custom-developed instances, intended for targeted use against a specific organization) the life cycle may be quite short. For others, such as worms with broad infection footprints and highly effective counterdetection mechanisms (like Conficker), the life cycle may be extremely long.
