Extensible malicious code can dynamically change its behavior via modules or by updating itself by downloading code from outside the system. For example it may download new modules via the Web, email, USENET (NTTP), Napster, etc. For example, the W32/Hybris worm can download plug-ins from the alt.security.virus newsgroup or from a Web site.