I had never heard of the EICAR test virus before. EICAR stands for European Institute for Computer Antivirus Research. Basically it’s just a 68 or 70 byte com program that all major antivirus should pick up as a virus. This enables you to test the functionality of your antivirus program without the risk of using a real virus. To test yours you can simply paste the following into notepad and save it as a .com file.
I’ve already thought of a few scenarios where this could be used to the advantage of an attacker, especially in a social engineering engagement.
Perhaps I’ll post such a scenario later.