Slashdot Mirror


Malware Threat Reports Are "Apples and Oranges"

Ant writes "The December malware threat reports are trickling in from vendors — and they all appear to be different. Fortinet, Sunbelt Software, and Kaspersky all published their lists of the most prevalent malware strains for the last month of 2009, but they didn't match up, leading to an admission that users will inevitably be confused by the results. Not only do the various security companies use different names for the threats they identify; they don't even identify the same threats."

2 of 191 comments

  1. How about Latin names by starbugs · Score: 5, Interesting

    5) Every vendor seems to have their own names for a virus. For pity's sake can we have some kind of standard naming mechanism?

    How about a (Latin/Greek) biological-like naming system? After all, it works for biology, and many (computer) viruses are derived from earlier versions of those viruses, so we could have actual hierarchies.

    So you could have a name such as: "userus.dumbus.clicktus.pornolinkus.diabolicus"

    Of course, after the Latin name we could come up with a "common" name - based on the name of the unfortunate tech who had the displeasure to remove it first.

  2. Re: Example of competition gone wrong by SensiMillia · Score: 3, Interesting

    Purely theoretical:

    - User boots live-cd
    - Some malware gets executed and stays in RAM (by user interaction or not)
    - Malware reflashes the EEPROM holding the BIOS with some malicious code
    - On next boot BIOS will store some malicious code in memory and do something very clever that makes the OS on the liveCD execute that code

    It would be a very targeted attack, but not entirely impossible.