You’re likely familiar with the names of common malware strains such as MOUSEISLAND, Agent Tesla and TrickBot. But do you know how new malware threats get their names?
As a cybersecurity writer, I quickly add new strains to my vocabulary. But I never knew how they came to have those names in the first place. After writing numerous articles on malware, I decided to dig deep into the naming conventions to shed some light on that question. As it turns out, a name can tell you a lot about the malware itself — but it can also sow some confusion.
Threat Group Names
First, let’s talk about the difference between group names and malware strain names since they often intertwine and sometimes impact each other. With a one-hit-wonder group or a group with no known name, occasionally, the malware shares the group name. However, in most cases, there is a unique name for both the group and the malware.
You can often learn a lot about a group from its name. Group names often reference the nation-state associated with the group, such as Bear for Russia and Panda for China. The name often reflects the group’s motivation as well. “Spider” in the name means that money motivates a group, and “Jackals” refer to hacktivists.
A Few Common Naming Conventions
Now let’s get back to the question of how malware strains themselves are named. The short answer is that strains are named in several different ways. Of course, there are always outliers that get their names in ..
Support the originator by clicking the read the rest link below.
