Says Catalin Cosoi, head of the Online Threats Lab at BitDefender: "As with evolution, these things happen accidentally. The combination doesn't usually work, but sometimes it does." After searching through 10 million pieces of malicious software and code, the labs says it found 40,000 "frankenwares."
Usually, the mixture occurs when the two malwares have complementary features, like for example, "if one is a keylogger while the other is designed with a wormlike ability to propagate quickly." Because most anti-virus programs use signature definitions, the new hybrids are generally easier to detect. However, since the mutants have different file sizes then their creators, some detection tools may completely miss them.
Rival Symantec says they have not seen anything "of the sort."