Decoding the methods in malicious code is becoming more difficult, according to reverse-engineering experts. Attacks no longer scramble simple function names, but encrypt entire blocks of code.