Today We Have Naming of… err, Malware… [1]

Sunbelt have responded to an article in Infosecurity about what I described way back in the early 90s (when putting together the alt.comp.virus FAQ) as the “thorny issue of malware naming”. Well, I’ve been banging the drum about educating users and pretty much everyone else away from the concept that malware naming is useful for quite a while:

Lysa Myers also addressed it in Virus Bulletin quite recently:

Still, Tom Kelchner’s article is a succinct consumer-level statement that covers most of the issues. I wish, though, that he hadn’t suggested using Virus Total as a means of comparing “the detections of different AV companies”. Hopefully, he meant that in terms of ascertaining what different companies call a given sample, not as a means of comparing the effectiveness of detection between different products. That’s not what VT is for, and to assume that it can be used that way, as SRI do, is just so misleading. As I’ve said, among other places, here. And as Hispasec/Virus Total themselves say here.

[1] “Lessons of the War. I. Naming of Parts”: Henry Reed, in New Statesman and Nation 24, no. 598 (8 August 1942): 92.   

Director of Malware Intelligence

ESET Threatblog (TinyURL with preview enabled):
ESET Threatblog notifications on Twitter: (or @ESETblog)
ESET White Papers Page:

Securing Our eCity community initiative:

Also blogging at:

Author David Harley, ESET

Follow us

Copyright © 2017 ESET, All Rights Reserved.