URL Competition @VB2015
For the second time, we ran an URL competition during the Virus Bulletin conference 2015. We plan to host a URL competition every year.
Conference delegates received a code to register for the competition.
26 Malware Hunters (from 14 different companies) joined the competition and submitted in total 238 URLs during the conference. Most of the submissions were 404, PUA, exploits that did not work on the target system or clean URLs/files.
Result
0 participants were able to find any URL which compromised more than 1 system, each protected by a different security product.
1 participant was able to find 3 URLs which compromised 1 of the 5 systems, each protected by a different security product.
2 participants were able to find 2 URLs which compromised 1 of the 5 systems, each protected by a different security product.
The first place went this year (again) to Yandex!
The second place ex-equo goes to Avira and ESET
Some of the instructions that were given for the test: Discover our award-winning, fully automated testing framework. Try to find and submit URLs with malicious content that is not blocked on any of our five test systems. All are fully patched Windows 7 systems, each one protected with a different well-known security product. The aim is to find and submit malware links that are not blocked by any of the protection features of the OS or the 5 tested security products. The competition is open to all registered participants of the Virus Bulletin Conference 2015. To enter, use your card in the delegate pack or ask an AV-Comparatives team member for your card. For ethical reasons, URLs and malware deemed to have been written especially for the competition will not be accepted.