Throwback Thursday: The Virus Analyst Headache

Posted by   Virus Bulletin on   Aug 20, 2015

This Throwback Thursday, we turn the clock back to April 1999, when the average virus analyst had to manually process around ten or more viruses per day, and the growing complexity and volume of viruses was proving a headache.

By the early years of the 21st century, the volume of malware was such that no functioning virus lab would be able to process all newly discovered malicious samples without the help of automated analysis systems. In 1999, however, everything was still done manually — and processing new viruses was becoming an increasing headache for analysts.

In 1999, the count on the virus analyst's conveyor belt was several hundred new viruses and variants each month, meaning that the average virus analyst had to process around ten or more viruses per day. Vendors found that it was nigh on impossible simply to throw more analysts at the problem, as it was so difficult to find experienced virus analysts (at least without a virus-writing past). Inaccurate processing of samples by an inexperienced analyst risked causing false positives and negatives, while automatic or semi-automatic analysis risked low detection rates and/or missed infections. In the April 1999 issue of Virus Bulletin, Eugene Kaspersky described the headaches facing the virus analyst of 1999, including new platforms and formats, macro viruses, high-level-language viruses and anti-disassembling tricks — concluding that no amount of pain killers could ease the pain!

Eugene Kaspersky's article can be read here in HTML-format, or downloaded here as a PDF.

Posted on 20 August 2015 by Helen Martin

twitter.png
fb.png
linkedin.png
hackernews.png
reddit.png

 

Latest posts:

VBSpam tests to be executed under the AMTSO framework

VB is excited to announce that, starting from the Q3 test, all VBSpam tests of email security products will be executed under the AMTSO framework.

In memoriam: Prof. Ross Anderson

We were very sorry to learn of the passing of Professor Ross Anderson a few days ago.

In memoriam: Dr Alan Solomon

We were very sorry to learn of the passing of industry pioneer Dr Alan Solomon earlier this week.

New paper: Nexus Android banking botnet – compromising C&C panels and dissecting mobile AppInjects

In a new paper, researchers Aditya K Sood and Rohit Bansal provide details of a security vulnerability in the Nexus Android botnet C&C panel that was exploited in order to gather threat intelligence, and present a model of mobile AppInjects.

New paper: Collector-stealer: a Russian origin credential and information extractor

In a new paper, F5 researchers Aditya K Sood and Rohit Chaturvedi present a 360 analysis of Collector-stealer, a Russian-origin credential and information extractor.

We have placed cookies on your device in order to improve the functionality of this site, as outlined in our cookies policy. However, you may delete and block all cookies from this site and your use of the site will be unaffected. By continuing to browse this site, you are agreeing to Virus Bulletin's use of data as outlined in our privacy policy.