This presentation was delivered as a webinar on November 5th, 2009.
During this Fresh Prints talk, Peter Silberman and Ero Carrera provided real-world statistics on malware properties and characteristics as seen by their respective organizations, MANDIANT and VirusTotal.
Each of them brings a different perspective on malware. MANDIANT brings a targeted perspective gained by chasing and analyzing malware commonly used by the Advanced Persistent Threat (APT). And, as one of the world’s top malware exchanges, VirusTotal has a bulk view of malware.
Peter and Ero provided an overview of the general trends and techniques used by malware collected by VirusTotal and malware seen in targeted APT attacks. They addressed where these trends intersect and where they diverge. The audience gained an understanding of the volume, characteristics, and evolution of malware. And, Pete and Ero gave their predictions for where malware is heading!
In the webinar, we referred to several resources:
Peter Silberman works at MANDIANT on the product development team. For a number of years, Peter has specialized in offensive and defensive kernel technologies, reverse engineering, and vulnerability discovery. He enjoys automating solutions to problems both in the domain of reverse engineering and rootkit analysis. Although he is college educated, Peter does not believe formal education should interfere with learning.
Ero Carrera is currently Chief Research Officer of Collaborative Security at VirusTotal and a reverse engineering automation researcher at zynamics GmbH. Ero spent several years as a Virus Researcher at F-Secure where his duties ranged from reverse engineering of malware to research in analysis automation methods. While at F-Secure he worked on malware classification by applying genomic methods to binary structural classification.