Home > Fun, News > Virus Bulletin 2010

Virus Bulletin 2010

October 5th, 2010

This year’s Virus Bulletin conference in Vancouver was a big success as it included some very interesting talks, specially on Stuxnet and social media security issues. There were also some presentations about ongoing efforts in the IEEE regarding telemetry on malware and a taggant system for runtime packers. Overall some great talks by very knowleadgeable folks.

I also gave a presentation on the ButterFly and Mariposa botnet shutdown with details of the arrests made earlier this year. Both Kaspersky and Avira mentioned the talk in their respective blogs here and here.
img_2190
img_2199

Tony Lee and Jimmy Kuo from Microsoft giving a presentation on telemetry sharing and an interesting idea of using telemetry to prioritize certain signatures over others, something we have been doing with Panda Cloud Antivirus for almost 2 years now ;)
img_2855

During the conference Andreas Marx from AV-Test.org officially handed us the “Certified” plaque for Panda Internet Security, which achieved the top ranking in the Full Product Test of Q2 2010.
IMG_2207

VB is a great chance for people from competing AV companies to get together and talk shop. If you’re lucky you might even catch the rare sight of competing testing labs talking together. Here we can see “the Andreases” from both AV-Test.org and AV-Comparatives.org:
img_2233

Jeff Williams (Microsoft), myself and Mark Kennedy (Symantec) during the gala dinner:
img_2713

Phillip (Avira), Jong (Webroot), Andreas (AV-Test.org) and Tjark (Avira) hanging out:
img_2235
img_2286

Andy from ICSALabs always behind a camara:
img_2307

The Ikarus and G-Data crews. Great guys!:
img_2321

Finally as is now a yearly tradition, G-Data held they table soccer tournament. Unfortunately Luis and I were only able to get 4th rank after Sophos brought in the guns from their local Vancouver office. But next year’s VB 2011 in Barcelona will be payback!!

Spain (Panda) kicking some UK (Sophos) butt during the initial rounds:
img_2251

USA (Microsoft) losing to Germany (G-Data) in the final:
img_2899

All pictures above were taken by Andreas Marx from AV-Test.org. I’m sure VB will soon be uploading more photos to their VB2010 conference webpage here, so be sure to keep an eye on that.

  1. Sergio de la Casa
    October 6th, 2010 at 08:49 | #1

    Great PB’s T-Shirt!

  2. October 8th, 2010 at 08:47 | #2

    ¡Los alemanes ganaron un campeonato de futbolín!
    Vergüenza debería darle al equipo español, justo este año que hemos ganado el campeonato mundial de fútbol.
    Bonito premio.

  3. begebung
    October 11th, 2010 at 19:47 | #3

    Unfortunately the comments on the download page of Panda 4.4.3.0 SafeCD are closed, but I hope I find you as a contact for my problem with the live cd. (I hope my Google translated text is somewhat understandable.)

    The Panda SafeCD 4.4.3.0. doesn’t work on my System, because my screen resolution is not supported. Ideal would be a screen resolution of 1600 x 900, my monitor could display about 800 x 600 or 1024 x 786 fairly readable.

    It is very bad that i can’t choose a suitable resolution before booting. Other live CD’s like GParted works properly.

    Please inform the developers of the Live CD about this Problem.

  4. Its just me
    October 20th, 2010 at 12:05 | #4

    As I can see in your slides you draw a relation between darkode.com and iserdo, Where is the connection?
    The forum is owned and ran by completely different people and not related to Butterfly in any way so keep it out of your stupid researching.

  5. Pedro Bustamante
    October 22nd, 2010 at 21:51 | #5

    @Its just me I’m not sure if you attended the talk, but I didn’t say the forum was owned by iserdo. I said the darkode forum is where iserdo used to sell and support the Butterfly Framework and NetKairo (Mariposa botmaster) used to sell parts of his botnet and contact pay-per-install toolbar distributors and other types of cybercrime providers (cryptors, packers, hacked servers, etc.). Of course I didn’t make this up just for the hell of it. As part of the investigation this came up and there is concrete proof of this.

  6. Jack
    October 26th, 2010 at 06:51 | #6

    @Pedro Bustamante
    What exactly do you mean concrete proof. Did you guys actually gain access to the forum (administrator/user access) or was it through word of mouth?

  7. Pedro Bustamante
    October 26th, 2010 at 07:21 | #7

    @Jack As law enforcement is involved in this investigation I’m sure you’ll understand that certain details cannot be disclosed. Allow me to turn the question around. If yourself and/or “Its just me” have access to darkode forum, then you know if what I’m saying is true or not. Do you?

Comments are closed.