How does a kid go from tinkering with a ZX Spectrum in a small town in Málaga, Spain, to selling a global cybersecurity service to Google? That’s the question Bernardo Quintero delightfully answers in a new book that feels like you’re sitting down with an old friend who has some pretty cool stories to tell.
Quintero, one of the founding fathers of VirusTotal, lays it all out with wit, candor, and just enough irreverence to make ‘Infected: From Side Project to Google – The Journey behind VirusTotal’ a juicy read for first-time entrepreneurs and anyone in the threat intelligence space.
When Quintero asked if I’d fact-check any ‘lost-in-translation’ things before the English-language version shipped, I was hesitant, guessing it would be another one of those dry business how-to books. Digging in, I found Infected (ISBN 8409683660) to be an account that is more a behind-the-scenes tour of the life of a young boy fixated on computers, software code and scribbling notes on viruses.
This obsession eventually leads to founding Hispasec, a small but pioneering pen-test outfit in Spain, an ‘accidentally on purpose’ passion project that would become the industry’s authoritative database for malware hunting and threat intelligence.
For security professionals, the real heart of Infected comes in the chapters “VirusTotal: The Origin of the Idea” and “The Birth of VirusTotal.” Quintero vividly recounts how a personal itch to streamline malware scanning blossomed into a free, multi-engine tool that essentially transformed the way malware hunters collect and analyze data. Suddenly, a scrappy European firm was thrust into the global spotlight — one that would ultimately reshape threat intel research.
It’s worth noting that VirusTotal just marked its 20th anniversary — a milestone that underscores how entrenched Quintero’s creation is in CTI workflows.
One of the book’s most entertaining sections chronicles VirusTotal’s courtship by major players, including CrowdStrike long before it became a household name. Quintero describes CrowdStrike founders Dmitri Alperovitch and George Kurtz traveling to Malaga and shacking up at a basic three-star hotel to attempt a VirusTotal acquisition.
The courtship appeared to strain relationships inside VirusTotal and culminated with Kurtz sending a password-protected PDF containing an offer and pressuring Quintero to join a Skype video call to get the password. Believing it was a negotiation ruse to see his visual reaction to the offer, Quintero stalled for enough time to launch a brute-force attack against the ZIP file to peek at CrowdStrike’s bid.
Almost simultaneously, Google TAG founder Mike Wiacek (who would go on to create Chronicle and Stairwell) got wind of the CrowdStrike offer and escalated the opportunity all the way up to Larry Page and Sergey Brin. Within a day, Google made its move and gave the company three hours to respond. The rest is history.
If there’s one knock on Infected, it’s what Quintero doesn’t share — the nitty-gritty details of integrating with Google post-acquisition. While the book provides a riveting backstory of how VirusTotal came to be and how it landed inside the Google ecosystem, it stops short of illuminating the corporate and cultural hurdles that must have arisen afterward.
Particularly after 20 years of operation, some readers might crave insight into how the transition from scrappy independent operation to corporate subsidiary affected VirusTotal’s community ethos and core mission. There’s little mention of how commercial demands and Google’s internal processes might have reshaped the original spirit of open sharing.
Was there tension between staying true to a community-driven tool and the monetization imperatives of a tech titan? Did Quintero deliberately omit these details to stick to a pre-acquisition timeline? Or did Google’s PR gatekeepers encourage self-censorship? Quintero teases us with the story of signing on the dotted line, but never quite reveals what happened once Google got involved.
How did corporate structure shape — or possibly dilute — VirusTotal’s original community-driven mission? Was Quintero ever caught between profit-driven directives and the open spirit he fostered from the beginning? Is this still a controversial topic?
Where Infected excels is in sharing the colorful, human side of the cybersecurity industry, through the lens of hackers in Spain. Quintero is refreshingly honest about everything from interpersonal drama to small-town logistical challenges. There’s the early objections to data-sharing and the comical episode of Trend Micro pulling its antivirus engine from VirusTotal — only to slink back asking to rejoin and being pushed to the back of the queue.
Despite that gap, Infected remains a must-read for anyone in cybersecurity. If you’re drawn to the behind-the-scenes hustle of hacker-led entrepreneurs and the evolution of what is now a cornerstone of threat intelligence, this book offers a candid look at how a simple idea — scanning files with multiple AV engines — created a global phenomenon.
Perhaps, in a future sequel or anniversary edition, we’ll finally get that peek behind Google’s closed doors.
Related: Why Google Acquired VirusTotal
Related: Google Acquires VirusTotal
Related: Google Debuts New Security Products, Hyping AI and Mandiant Expertise
Related: VirusTotal Hacking Offers a Supercharged Version of Google Hacking
This post was originally published on here
