Now that the end-of-year security conference season is winding down, we're able to start making available some of the presentations and papers that we've been building up in the past few months, but haven't been able to make publicly available ahead of the events for which they were written.

We've already made available a slide deck by Juraj Malcho, Head of our Virus Lab in Slovakia, based on his paper "Is there a lawyer in the lab?" for this year's Virus Bulletin conference. Now, by kind permission of Virus Bulletin, who hold the copyright, we've put up the paper itself, as published in the conference proceedings.

In this industry, we see many applications are being developed that have hidden or fraudulent intentions, or which are at best of doubtful usefulness. . Many of these applications are not the typical malware used in cybercrime nowadays (like bots or spyware trojans), but rather what we call potentially unsafe or unwanted applications. However, this dubious software is often associated with groups responsible for malware dissemination, and is often distributed using unfair practices such as spam campaigns or push-installations performed by malware. When such programs are detected by security software, it's not unusual for their authors to engage us in legal battles that consume significant human and financial resources.

This paper explores the topics mentioned above and considers the boundary between legitimate and illegitimate applications. The problems are explained with reference to several case studies documenting our experiences with such software.

More papers soon!

David Harley
Director of Malware Intelligence