Kaspersky Malware Naming Convention

When you find some malware in the wild sometimes you want to find the procedure to remove that malware or at least given it is some known malware figure out what properties it has.

Kaspersky malware naming convention. We name the malware and unwanted software that we detect according to the Computer Antivirus Research Organization CARO malware naming scheme. The naming scheme has influenced todays detection names. For example both use DLL load order hijacking to run code from DLLs impersonating dependencies of legitimate AV utilities and both share a mutex naming convention of random UUIDs where mutexes are used for synchronization of thread execution.

CARO Computer Antivirus Research Organization perhaps one of the best-known organizations on virus naming conventions has been pushing for a naming standard since the 1990s. Antivirus software is designed primarily to prevent infection but also includes the ability to remove malware from an infected computer. An user asked on Kaspersky forum to solve the new Kaspersky Protection extension problem but as usual like it has happened in the previous episodes of conflict between Kaspersky and Malwarebytes softwares this is what theyve said its not the real answer of course but the hidden meaning of it.

The suffix used in the naming convention indicates the variant of the threat. A lot of security vendors use a similar convention to the CARO one so it is worth looking into it. Eleven years ago a group of security experts known as the Computer AntiVirus Researcher Organization CARO first attempted to develop a standard virus naming scheme in the form of the 1991 New Virus Naming Convention NVNC 91.

Executable files that have been modified by archive utilities and then scanning the content of the archives and installation packages. Naming of new human diseases with the aim to minimize unnecessary negative impact of disease names on trade travel tourism or animal welfare and avoid causing offence to any cultural social national regional professional or ethnic groups. Kaspersky has observed campaigns before using the malware to trick users mainly in Spain into handing over their financial details.

Kaspersky Anti-Virus offers powerful virus protection against all types of ransomware malware spyware and the latest cyber threats. However the naming convention of the new version hints that its now ready to go global. The Caro System In a 1991 meeting of Computer AntiVirus Researcher Organization CARO a New Virus Naming Convention1 was agreed upon and it was supposed to pro-vide a means of avoiding the confusion generated by the lack of uniform regu-lations in the virus naming process.

The Ginp Trojan is not entirely new. The suffix assigned to a new threat meaning the binary code for the threat is not similar to any existing threats is the alpha character A Subsequent strains are given subsequent suffixes for example B C or D. Naming Conventions In 1991 there was a committee at CARO that introduced a naming convention for viruses.