Flame update: ‘suicide’ command sent by creators to remove all traces of malware

Described as “one of the most complex threats ever”, the recently detected malware Flame, which has infected computer systems all around the world with a particular interest in countries in the Middle East, has increasingly been drawing attention because of the nature of its infections. Delving deep into the computer systems of governments, universities and businesses, the malware sought to extract confidential technical information which, as seen in the case of Iran, which saw heavy infestation, could possibly have related to its nuclear program.

When first detected, as reported by Russian security firm Kaspersky Lab, the malware soon went offline, and now another security firm, Symantec, is reporting that the alleged creators of this malware have sent a self-destruct command to Flame to remove all traces of it from infected computers.

Writing on its blog, Symantec said that, “Late last week, some Flamer command-and-control (C&C) servers sent an updated command to several compromised computers. This command was designed to completely remove Flamer from the compromised computer.”

The site then gave a list of the types of files that had been selected to ‘suicide’, or self-delete, by the command. Further proving the sophisticated nature of the malware attack, the ‘suicide’ command was such that it would locate all Flame files on an infected PC, delete them and then overwrite them with so-called ‘gibberish’ to throw off any hint of its presence or detection.

According to Symantec, the ‘suicide’ command was probably written in May, possibly following the malware’s detection and subsequent inactivity. The firm was able to detect the ‘suicide’ command by using a ‘honeypot’ computer. Such computers are widely used by security firms as they allow analysts to study the infection; the ‘honeypot’ reports the details of its own infection, helping firms to study malware and other such programs. The ‘suicide’ command, it was noted, was sent from those command and control servers that the creators of Flame still had access to; security firms have been able to take control of some of these servers.

In addition to this, analysis of Flame has revealed some startling insights. The first again points to its level of sophistication, as analysts have noted that the malware has used an ‘obscure cryptographic technique’ known as “prefix collision attack,” the first of its kind to do so. Marc Stevens, a cryptology expert from Centrum Wiskunde & Informatica (CWI), remarked, “The design of this new variant required world-class cryptanalysis.” Evidence of this has led analysts to believe that Flame’s creation can be attributed to a government rather than mere cybercriminals, owing to the complexity of its design.