Current status of the CARO malware naming scheme

Dr Vesselin Bontchev FRISK Software International

The CARO malware naming scheme was created almost 15 years ago. To this date, it remains the naming scheme that is the most widely used in anti-virus products – despite being criticized from left and right and despite the fact that no product has absolute compliance with it. One of the often-heard criticisms is that detailed documentation of the up-to-date status of the scheme is difficult to find and that this hampers the scheme’s popularity. This paper attempts to solve this problem. It documents the CARO malware-naming scheme completely, including the recently introduced changes. It will be made freely available on the web and will be continuously updated as new changes are introduced. Its purpose is to serve as an easily and publicly accessible documentation of the latest state of the CARO Malware Naming Scheme.

VB Conferences

VB2011 (Barcelona)

VB2010 (Vancouver)

VB2009 (Geneva)

VB2008 (Ottawa)

VB2007 (Vienna)

VB2006 (Montréal)

VB2005 (Dublin)

VB2004 (Chicago)

VB2003 (Toronto)

VB2002 (New Orleans)

VB2001 (Prague)

VB2000 (Orlando)

VB99 (Vancouver)

VB98 (Munich)

VB97 (San Francisco)

VB96 (Brighton)

VB95 (Boston)

VB94 (Jersey)

VB93 (Amsterdam)

VB92 (Edinburgh)

VB91 (Jersey)

‘This was my first VB - it will definitely not be the last!!’

Poll

Do you use the same password(s) across multiple websites?

Leave a comment
View 4 comments

VB2010

VB2010 will take place 29 September-1 October 2009 at the Westin Bayshore, Vancouver, BC, Canada. Early bird discount available until 15th June 2010.

Virus Bulletin currently has 191,018 registered users.

Fighting malware and spam