Tag Archives: Juraj Malcho

Sick of Stuxnet?

Even if you’re not thoroughly sick of the word Stuxnet, you may well be pretty confused as to what “the truth” about it is. I know I am…

I think it will probably be a while before we get the whole picture, though there are a couple of last minute presentations scheduled for the Virus Bulletin conference in Vancouver next week that should be very interesting indeed: well, for sad Geeks like me, anyway. (I hope to see some of you there, maybe at the pre-drinks reception.)

I’ve spent quite a lot of the past couple of weeks working with some colleagues from ESET on a Stuxnet paper (67 pages long, so you’d think I’d be all Stuxnetted out by now). While we can’t predict all the surprises those papers will unfold, there’s some fairly detailed analysis and some observations that go a little against the “cyberwar on Iran” flow. Stuxnet Under the Microscope, by Alexandr Matrosov, Eugene Rodionov, David Harley and Juraj Malcho, September 2010 is available on the ESET white papers page at http://www.eset.com/resources/white-papers/Stuxnet_Under_the_Microscope.pdf.

ESET Senior Research Fellow

Lawyers in Love

One minute I was saying “…AMTSO in Prague next week…” and the next Prague was long gone, and so was AVAR in Kyoto. Hopefully, though, that was my last long trip for this year, and I’ll get into the habit of blogging regularly here. Well, I suppose once every blue moon is regular. 😉

This is a bit of a cheat, since I already blogged it for ESET, but I’m a believer in green blogging with lots of recycling. Juraj Malcho, head of ESET’s virus lab in Bratislava, did an excellent paper and presentation at VB 2009 on “Is there a lawyer in the lab?”: it’s about the complications that ensue when the authors of Possibly Unwanted Applications and other blahware try to tie up anti-malware companies in legal process for daring to detect it as Something Not Very Useful.

I think I may have just coined blahware: in this case, I’m referring not to those irritating Facebook applets that so many of my friends are addicted to, but to software which, if not actively malicious, is nevertheless of more value to its author than to anyone who’s misled into paying for it, and is distributed by semi-malicious channels such as spam or push-installations. I’d call it irrelevantware, but that’s not so catchy. And come to think of it, it probably does apply to most Facebook apps.

Anyway, the paper is at :


The slide deck is at:


Well worth looking at, and we don’t ask you for your email address when you download them, either. 🙂

David Harley