Malware Challenge

Home

News

Rules

FAQ

The Challenge

Results

Resources

Prizes

 

FAQ

1. I don't have much experience with malware analysis. Can I still participate?
   
   Absolutely!!! The goal of this challenge is to expand your malware analysis skills and to learn from others. Even if you don't have much experience analyzing malware, you still have a great shot at winning some prizes!
   
   
2. Why are you doing this?
   
   Tyler Hudak and Greg Feezel created this challenge because we feel
   that all IT system administrators now need to be able to analyze malware that anti-virus software does not detect. The malware challenge provides an opportunity to refine your malware analysis skills while having a chance to win some prizes!
   
   
3. Are you using real malware? Isn't that dangerous?
   
   Yes and yes. The malware being used in the test is malware we pulled from the wild. It will infect machines it is run on so you should take every precaution to ensure you do not infect machines or networks you do not mean to.
   
   NOTE: The creators of the malware challenge will NOT be held responsible for any unintentional infections due to your actions.
   
   
4. Can I win prizes?
   
   Yes! Winners of the malware challenge will be able to win prizes.
   
   
5. Where and when will the winners be announced?
   
   The winners of the malware challenge will be announced at the 2008 Ohio Information Security Summit on Friday, October 31, 2008 at 11:10 PM. At this time, Tyler and Greg will host a 1 hour session to discuss how the malware could have been analyzed and who the winners of the challenge are.
   
   
6. Do I need to be present to win?
   
   No, although we may be giving different prizes to those come to the summit.
   
   We encourage everyone who can come to the conference to come. The Ohio Information Security Summit is an excellent, low-cost security summit.
   
   
7. How will the analysis be graded?
   
   While there is no "point system" for the analysis, the judges will be looking for certain answers in the questions. This, however, does not mean the a lack of those answers means you wil "miss" a question. The judges will be looking for quality details in the analysis.
   
   If you are in doubt, describe the process you followed and your findings. You can't go wrong with that.
   
   
8. What is the air speed velocity of an unladen swallow?
   
   African or European?
   
   
9. I have more questions.
   
   Technically, thats a statement not a question. However, if you have other questions concerning the challenge not answered on the website, feel free to email us at 2008challenge@malwarechallenge.info.
   
   
   

Questions? Contest 2008challenge@malwarechallenge.info.