Tag Archives: malware

The Man Who Found Stuxnet – Sergey Ulasen in the Spotlight

I’m very excited about today’s guest. Very few industry experts know him by name, even though he’s the guy who first discovered the notorious Stuxnet worm in 2010. His name is Sergey Ulasen.

Sergey UlasenFirst, a few background words about Sergey. I’m happy to say that he joined the company in August 2011, immediately starting to contribute to the ever growing expertise of our malware analysis team, which now consists of more than 100 experts around the world. He’s a very professional and high spirited man, possessing the expert knowledge and experience for tackling even the most sophisticated threats.

Sergey graduated in 2006 from the Belorussian State Technical University with a B.Sc. in software development. He began his professional career with local anti-virus vendor VirusBlokAda as a programmer. Later Sergey joined the team that engineered the company’s anti-virus engine, and in 2008 he became the team leader. He was also involved in developing anti-rootkit and system rescue technologies, and helped with solving the most sophisticated malware incidents.

Then he joined KL. Me very happy.

Sergey, let’s go back to the moment when your team first discovered the Stuxnet sample. How did it all come about?

See more > Ten questions casting light on Stuxnet’s discovery …

Number of the Month: 70K per Day.

Anti-malware: it’s a dirty job, but someone’s got to do it. Or at least it used to be… but I’ll get to that later…

For your average Joe it can be hard to understand all the finer details of the work of an anti-malware company. But oh how we want to tell everyone about them! So we’re trying as best we can to translate them all into understandable, non-gobbledygook language – not to mention also in the English language!

The tip of the malware-fight iceberg one gets a peek at from collections of facts and figures, which illustrate the basic ins and outs of anti-malware. For example, here we have the kinds of infographics we issue on a regular basis:

anti-malware infographicanti-virus inforgraphicmalware infographicinfographic on malwareAnti-virus and malware infographicAnti-virus and malware software infographic

[click on the image to see the details]

One of the most frequently asked questions we get is: “How many viruses do you find every day?“.

See more > So, how many viruses do we find every day?

Flickr photostream

Instagram photostream

The Holy Grail of AV Testing, and Why It Will Never Be Found

So, my expectations were fulfilled. My recent post on an AV performance test caused more than a bit of a stir. But that stir was not so much on the blog but in and around the anti-malware industry.

In short, it worked – since the facts of the matter are now out in the open and being actively discussed. But that’s not all: let’s hope it won’t just stimulate discussion, but also bring the much-needed change in the way AV tests are done, which is years overdue, and is also what I’ve been “campaigning” for for years.

So, how should AV be tested?

Well, first, to avoid insults, overreaction and misplaced criticism, let me just say that I’m not here to tell testers how to do their job in a certain way so that our products come out top – to have them use our special recipe which we know we’re better than everyone else at. No, I’m not doing that, and anyway, it’s rare when we don’t figure in the top-three in different tests, so, like, why would I want to?

Second – what I’ll be talking about here isn’t something I’ve made up, but based on the established industry standards – those of AMTSO (the Anti-Malware Testing Standards Organization), on the board of which sit representatives of practically all the leading AV vendors and various authoritative experts.

See more > One don’t, one maybe and one definitely yes …

Enter your email address to subscribe to this blog

Infected Drones: Is Die Hard 4 Becoming a Reality?

I can honestly say that news of infected military drones is in no way amusing to me. This is for real, not Hollywood.

Indeed, it appears that for once the film industry can’t keep up with the latest reports from the computing world. And making an action film these days about cyber warfare is a tricky business: in the time between a pre-release trailer and the release of a movie, the script of the movie can be played out on the evening news.

So what am I talking about here? That malware has in fact – not fiction – gotten inside Predator and Reaper drones.

Infected Drones

See more > Any chance to solve the problem?

Benchmarking Without Weightings: Like a Burger Without a Bun.

Hi everyone!

With the help of my colleagues I’ve been slowly but surely getting up and running a series of posts (here and here) about key technologies – to introduce them to the public, judge the reaction, and then gather ideas. But besides singing the praises here, I’d also like to give you my opinions on comparative tests – those that inform the public how efficient these technologies are. Alas, there are not that many tests I trust and can recommend.

There are just too many shortcomings in today’s testing methodologies, meaning the tests provide only a snapshot of the tested products and miss the whole picture. But it precisely the whole picture that is what customers need. Unfortunately, the majority of tests still employ old testing practices (like on-demand testing with outdated malware collections), which don’t reflect current real-life user scenarios.

And so now let me say a few words about PassMark. This is a very respected organization and I really admire the job it does. However, its recent anti-virus performance test has at least one significant flaw, which could mislead readers and cause them to make purchases based on faulty comparisons.

See more > Performance tests revisited …

Anti-virus and Mac.

We’ve recently participated in IFA 2011 in Berlin, Europe’s biggest trade fair for consumer electronics. It was the second time we’ve exhibited – after last year’s successful event. According to the official figures, nearly a quarter of a million visitors attended the show this year, with 1,441 companies exhibiting their products.

IFA 2011

It’s not exactly our target audience – we were the only IT security company there – but we are fans of unorthodox marketing and original approaches to things. The very fact that none of our competitors were taking part we actually took as a plus when taking the decision to go to IFA.

See more > Some good reasons to have an anti-virus on your Mac …

Gaming Needs to Be Secure Too!

Hi everyone,

As you know, we take part in many different exhibitions and similar events around the world. Of course not everyone can attend them all, so follow-up reports prepared by those who were there are what’s called for. They help me keep track of all the events and activities too.

One such event was gamescom Expo, a major European trade fair dedicated to gaming, which took place on 17-21 August in Cologne. This year it was attended by 275,000 visitors and 557 participants from 40 countries. Details can be found here and here.

Gaming has to be secure as well! And that’s why we had a stand at the expo, with both animated and unanimated fun content. Photos of this content were sent to me, and that was how I got to know about this event and our stand at it. And this is how this post came about.

Thus – to the photos…

Kaspersky at Gamescom Expo

See more > Striking stats for online gamers

Shady RAT: Shoddy RAT.

Earlier last week Congresswoman Mary Bono Mack (CA-45), Chairman of the House Subcommittee on Commerce, Manufacturing and Trade, sent a letter to Dmitri Alperovitch, Vice President of Threat Research at McAfee, requesting further information on his recently published report “Revealed: Operation Shady RAT.” We conducted detailed analysis of the Shady RAT botnet and its related malware, and can conclude that the reality of the matter (especially the technical specifics) differs greatly from the conclusions made by Mr. Alperovitch …

More: Shady RAT: Shoddy RAT.. . .