Mikko’s talk is an overview of how a the anti-malware

1986 first PC virus found called Brain. Which was actually by todays standard a “root kit” even if we did not call virusse that at this time.

In 1991 Mikko analysed his first virus the “Omega” virus.

The first viruses actually announced themselves like the V sign virus, Josh, Walker, Yankee Doodle Yankee, Casino, etc.

In the early 90s the first viruses start to appear. One_half is actually the first “ransomware” except that the virus did not demand money to decrypt you hard drive.

In 1995 “Concept” was the first Macro Virus. Micro viruses where only banned when MS broken backwards compatibility

In 1998 “RemoteExploit” was the first virus with a backdoor in it.

“Happy New Year 1999″, “Melissa” and “LoveLetter” started the eara of the email based virusses.

In 2003 Blaster(and before that Code Red Sasser and Slammer) changed the way we looked at PC security and things like personal firewalls would become standard issue.

Slammer was able to shut down airlines and all rail traffic in Washington D.C and Hospital

Fizzer in 2003 was the first virus that has been proven to be written to make money.

THis changed the virus game completely. In the pre 2003 area most virusses came from the “Western” world. Now the come from other sources. Virusess are no longer written by youngsters who experiment or are trying to make a statement, but are written today by organized crime.

In 2004 Cabir was the first Symbian virus which spread itself via BlueTooth, which was very successful mainly because of its a user interface of the mobile phones

Today we have to deal with the so called affiliate networks. E.g. Data Doctor 2010, a file repair tool which is actually a valid file repair tool, not a good one, but it is.

Data Doctor 2010 is sold via affiliate networks, which is a way to for cyber criminals to monetize botnets.

Nobody knows who is behind Conficker, but it still has over 10 million infected PCs today.

The recent Aurora attack shows malware with a different motive, corporate and country to country espionage

Stuxnet was remarkable because it was a new virus that uses multiple 0-day exploits. And it was the first malware to attack the WinCC and Siemans Simatic factory control system.

Large SMS messages are cut up in smaller SMS messages, this means that the SMS messages need to be parsed by the phone to put it back together and thus can be used as an attack vector to breach the phone. By using a technique known as fuzzing, Miller and Mulliner where able to find exploitable conditions that could be turned into an attack and an iPhone virus. The attack takes a total of 519 SMS messages, but will work without any user interaction.

Charlie Miller urges anybody with an iPhone to turn it off if they get a text message with a single square character. “That small cipher will likely be the only warning that someone has taken advantage of the bug”.

Apple was notified on the 18th of June and to date has not released a fix.

They also showed that smart phones like the iPhone and Adraoid and Windows mobile phone based devices can be forced to stop working with a single crafted SMS. The simplest attack was against HTC Windows Mobile phones which crash on any SMS containing the character sequence: “%n”.