In November 2013, the security community lost one of its brightest lights with the death of security researcher and VB advisory board member Péter Szőr.

As a way of celebrating Péter's life and work on an ongoing basis, and keeping his memory alive, VB set up an annual award, which is known as the "Péter Szőr Award".

The award aims to recognise the best piece of technical security research published each year. Nominations for the award are sought from the security community at large, and a final shortlist voted on by the VB advisory board. The award is presented each year at the annual VB conference.

Péter Szőr contributed almost 40 articles to Virus Bulletin over the years, spoke at several VB conferences, and served for more than ten years on the VB advisory board. Péter was also well known as the author of the popular The Art of Computer Virus Research and Defense — a book which, for many, served as their first introduction to and basic grounding in computer security. Most importantly, he was known by everyone who encountered him for his great kindness and generosity.

2024 Award

The winner of the 2024 Péter Szőr Award for the best technical security research is ESET researcher Marc-Etienne M.Léveillé for "Ebury is alive but unseen: 400k Linux servers compromised for cryptocurrency theft and financial gain" (published here).

The award was presented during VB2024 in Dublin. The other shortlisted nominees were:

• Reversing Dart AOT snapshots by Axelle Apvrille (published here)
• Kimsuky research by Anna Sirokova, Natalie Zargarov, Matt Green and Christiaan Beek (published here)

Past winners

2023

"BlackLotus UEFI bootkit: Myth confirmed" by Martin Smolár at ESET (published here).

The award was presented at VB2023 in London. The other shortlisted finalist was:

• Russia’s Trident Ursa (aka Gamaredon APT) Cyber Conflict Operations Unwavering Since Invasion of Ukraine by Palo Alto Networks Unit 42 (published here).

2022

CryptoRom Bitcoin swindlers target vulnerable iPhone and Android users by Jagadeesh Chandraiah & Xinran Wu at Sophos (published here, here and here)

The award was presented during 2022 in Prague. The other shortlisted nominees were:

• Russian APT29 hackers' use of online storage services, DropBox and Google Drive by Mike Harbison & Pete Renals (Unit 42, Palo Alto Networks)
• CHERNOVITE's PIPEDREAM malware targeting industrial control systems by Dragos Global Intelligence Team
• SecurityScorecard's discovery of 'Zhadnost', responsible for Ukraine DDoS attacks by Ryan Slaney (SecurityScorecard)

2019

DNS Hijacking Abuses Trust in Core Internet Service by Cisco Talos (published here)

The award was presented during VB2019 in London. The other shortlisted nominees were:

• Matrix: a low-key targeted ransomware by Luca Nagy, Sophos
• LoJax First UEFI rootkit found in the wild, courtesy of the Sednit group by ESET Research

2018

ShadowPad – poisoned server management software targeting corporate networks by the Global Research and Analysis Team (GReAT) at Kaspersky Lab (published here)

The award was presented during VB2018 in Montreal. The other shortlisted nominees were:

• Korea In The Crosshairs by Warren Mercer and Paul Rascagnères
• Spreading Technique and Deception Based Detection by Abhishek Singh

2017

AKBuilder – the crowdsourced exploit kit by Sophos researcher Gabor Szappanos (published here).

The award was presented during VB2017 in Madrid. The other shortlisted nominees were:

• Iran threats by Collin Anderson & Claudio Guarnieri
• The first collision for full SHA-1 by Marc Stevens (CWI Amsterdam), Elie Bursztein (Google Research), Pierre Karpman (CWI Amsterdam), Ange Albertini (Google Research) & Yarik Marko (Google Research)

2016

Mofang: A politically motivated information stealing adversary by Fox-IT researcher Yonathan Klijnsma (published here).

The award was presented during VB2016 in Denver. The other nominees were:

• Reversing Internet of Things from Mobile Applications by Axelle Apvrille (Fortinet)
• Targeted ransomware no longer a future threat by Andrew Furtak and Christiaan Beek (Intel Security)
• Lucrative Ransomware Attack: Analysis of the CryptoWall Version 3 Threat by Ryan Sherstobitoff (Intel Security), Christiaan Beek (Intel Security), Josh Grunzweig (Palo Alto Networks), Jinghao Li (Symantec) and Aamir Lakhani (Fortinet)
• Distributing the Reconstruction of High-Level IR for Large Scale Malware Analysis by Alex Matrosov (Intel Security), Eugene Rodionov (ESET), Gabriel Negreira Barbosa (Intel Security) and Rodrigo Rubira Branco (Intel Security)

2015

Catch Me if You Can by Intel Security researchers Anand Bodke, Abhishek Karnik, Sanchit Karve and Raj Samani (research described here).

The award was presented during VB2015 in Prague. The other nominees were:

• Operation 'Oil Tanker' - The Phantom Menace by Luis Corrons (PandaLabs)
• Mobile Users Exposed: SSL/TLS Vulnerabilities Live by Carlos Castillo, Alex Hinchliffe and Rick Simon (Intel Security)
• Chinese Chicken: Multiplatform DDoS Botnets by Peter Kalnai and Jaromir Horejsi (Avast Software)

2014

Operation Windigo by ESET researchers Olivier Bilodeau, Pierre-Marc Bureau, Joan Calvet, Alexis Dorais-Joncas, Marc-Etienne Léveillé and Benjamin Vanheuverzwijn (published here).

The award was presented during VB2014 in Seattle, WA, USA. The other nominees were:

• Security Applications of Formal Language Theory by Len Sassaman, Meredith Patterson and Sergey Bratus
• Research on 'Hacking Team' spyware by Citizen Lab
  
• A journey to abused FTP sites by Hendrik Adrian of MalwareMustDie

VB Conference

VB2024 Dublin

2 - 4 October 2024