Ginwui/Oscor/Gusi… - working CME is needed
May 25th, 2006 by Juha-Matti, Filed under: Web, Commentary, Virus, Corporate Security
“The Common Malware Enumeration (CME) initiative aims to provide single, common identifiers to new virus threats (i.e., malware) for the benefit of the public,”
says the FAQ section of Mitre’s project site.
But are there ‘common identifiers’ for recently spread malware? Some examples of the different names assigned to the new Word Trojan and its dropper component:
BackDoor-CKB (McAfee)
Backdoor.Ginwui (Symantec)
BDS/Ginwui.A.4 (Avira)
Ginwui.A (F-Secure)
Gusi.A (Panda)
Trojan-Dropper.MSWord.1Table.bd, Backdoor.Win32.Gusi.a (Kaspersky)
Troj/Oscor-B (Sophos)
Win32/Ginwui (CA)
Win32/Ginwui.A, BKDR_GINWUI.A (Trend Micro)
W32/Ginwui.A (Norman)
etc.
BTW: Why was it named Ginwui, when the DLL used is Winguis.dll? Maybe the reason is the same as in the Bagle and W32/Beagle case: some vendors just put an ‘e’ into the name… If you are interested, check the CME-328 entry at cme.mitre.org/data/list.html#328.
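As an added illustration (not part of the post), here is a small Python normaliser that splits the vendor names listed above into type/platform prefix, family and variant, groups them by family, and then applies an alias table standing in for the cross-reference a CME entry would provide. The token vocabulary and the alias table are assumptions built only from the names in this post, and picking "ginwui" as the canonical family name is an arbitrary choice.

```python
import re
from collections import defaultdict

# Constructed sample input: the vendor detection names quoted in the post,
# keyed by vendor. Kaspersky lists two names, one for the dropper document
# and one for the backdoor it installs.
VENDOR_NAMES = {
    "McAfee": ["BackDoor-CKB"],
    "Symantec": ["Backdoor.Ginwui"],
    "Avira": ["BDS/Ginwui.A.4"],
    "F-Secure": ["Ginwui.A"],
    "Panda": ["Gusi.A"],
    "Kaspersky": ["Trojan-Dropper.MSWord.1Table.bd", "Backdoor.Win32.Gusi.a"],
    "Sophos": ["Troj/Oscor-B"],
    "CA": ["Win32/Ginwui"],
    "Trend Micro": ["Win32/Ginwui.A", "BKDR_GINWUI.A"],
    "Norman": ["W32/Ginwui.A"],
}

# Vocabulary of type and platform tokens that vendors prepend to the family
# name. This is an assumption covering only the names above; a real
# normaliser needs a much larger table.
TYPE_WORDS = {"backdoor", "bds", "bkdr", "troj", "trojan", "dropper"}
PLATFORM_WORDS = {"win32", "w32", "msword"}


def parse_detection_name(name):
    """Split a vendor detection name into (family, variant).

    Vendors separate fields with '.', '/', '_' or '-'. The first token that is
    neither a type word nor a platform word is taken as the family; everything
    after it is treated as the variant suffix (joined with '.').
    """
    tokens = [t.lower() for t in re.split(r"[./_-]", name) if t]
    family = None
    variant = []
    for tok in tokens:
        if tok in TYPE_WORDS or tok in PLATFORM_WORDS:
            continue
        if family is None:
            family = tok
        else:
            variant.append(tok)
    return family, ".".join(variant)


def group_by_family(vendor_names, aliases=None):
    """Map each family to the set of vendors that detect it under that family.

    `aliases` maps a family name to a canonical family, playing the role of a
    coordinated cross-reference such as a CME entry. Without it, the grouping
    can only merge names that already share a family token.
    """
    aliases = aliases or {}
    groups = defaultdict(set)
    for vendor, names in vendor_names.items():
        for name in names:
            family, _ = parse_detection_name(name)
            groups[aliases.get(family, family)].add(vendor)
    return dict(groups)


# Assumed alias table: the post says these names all refer to the same Word
# Trojan backdoor; "ginwui" as the canonical name is an arbitrary choice here.
ALIASES = {"gusi": "ginwui", "oscor": "ginwui", "ckb": "ginwui"}


if __name__ == "__main__":
    raw = group_by_family(VENDOR_NAMES)
    merged = group_by_family(VENDOR_NAMES, ALIASES)
    print("naive normalisation:")
    for family in sorted(raw):
        print(f"  {family:8s} {len(raw[family]):2d} vendor(s)")
    print("with alias table:")
    for family in sorted(merged):
        print(f"  {family:8s} {len(merged[family]):2d} vendor(s)")
```

Without the alias table, stripping prefixes and variant suffixes still leaves four separate families (ginwui, gusi, oscor, ckb) for one backdoor, plus the dropper under Kaspersky's 1Table name; only the coordinated alias table unites the backdoor names, which is exactly the cross-referencing role the post expects CME to fill.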
Some statistics from the CME list:
May: no CMEs
April: none
March: 1
February: 2
January: 1
And back to 2005:
December: none (yes, zero CMEs)
November: 3
October: 1
September: none
Conclusion:
The only notable CME name mentioned in the news and used in the security community is CME-24. If I say Nyxem.E, Blackmal.E, Blackworm or Kama Sutra, you’ll probably remember it.
BTW: CME is sponsored by US-CERT, part of DHS. I believe that money is not the problem…
Some related links:
CERT/CC: Computer Virus Resources
(old, but updated frequently)
www.cert.org/other_sources/viruses.html
AV-Test.org -> News
Cross Reference List of Virus Names
(not widely discussed yet)
www.av-test.org/index.php3?lang=en
“To provide a candle in the dark and diminish the current confusion, we created a cross-reference list of all virus names (.ZIP file 139 KB), based on the WildList 02/2006.”
There are no CME identifiers for the new MS Word Trojans because they don’t warrant one yet… not all malware gets a CME identifier…
Also, CME identifiers would never replace the names that AV vendors give to the malware - CME itself states that it is not solving the naming problem… CME identifiers are, at best, well co-ordinated aliases for malware…
Also, I think CME would benefit if the AV vendor members would actually send them samples.
[…] and finally from SecuriTeam’s website … about halfway down … […]
Zoomdog, you can use permalinks to SecuriTeam Blog entries too, like
http://blogs.securiteam.com/index.php/archives/428