Users login

Create an account »

JOIN XATRIX

Users login

Home » Hacking News » Giving malware a common indentifier

Giving malware a common indentifier

by Nikola Strahija on September 28th, 2005 Zotob.E, Tpbot-A, Rbot.CBQ and IRCbot.worm are all the names given to a single worm that caused havoc in Windows 2000 systems last month. The most useful name CME-540 was rarely mentioned.


But that's about to change. CME-540 was the tag attached to the worm by the Common Malware Enumeration initiative, which is just emerging from its test phase. Next month, the U.S. Computer Emergency Readiness Team plans to officially put it to work, and try to reduce the confusion caused by the different names security companies give worms, viruses and other pests.

The project assigns a unique identifier to a particular piece of malicious software. When included in security software, in alerts and in virus encyclopedia entries, this identifier should help people determine which pest is hitting their systems and whether they are protected, the initiative's backers said.

-There is a lot of confusion over the way that malware is referred to, Desiree Beck, the technical lead for the CME initiative, said in an interview. -We're trying to alleviate that by giving malware a common identifier, so everybody is talking about the same thing when some malware event happens.’


Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »