2006-02-06 – Virus names

Virus naming is generally a matter of consensus between the AV vendors, but occasionally that breaks down. A good example is “blackworm” aka “blackmal” aka “blueworm” aka “mywife” aka “nyxem”. Our email AV system keys off the virus name to decide whether to delete a message or mangle it. (Sadly our current system can’t reject messages at SMTP time.) This depends on us getting a reasonably unique name from the virus scanners, so that we treat messages appropriately. Sadly at the moment there’s something nasty going around which McAfee is calling “the Generic Malware.a!zip trojan” and ClamAV is calling “Worm.VB-9”. Can I have a proper name please so I can delete it and stop irritating people with mangled junk?

⇐ 2006-02-02 ⇐ Grammar ⇐ ⇒ Quick response ⇒ 2006-02-07 ⇒