Flame malware makers send 'suicide' code
Source: BBC News
The creators of the Flame malware have sent a "suicide" command that removes it from some infected computers.
Security firm Symantec caught the command using booby-trapped computers set up to watch Flame's actions.
Flame came to light after the UN's telecoms body asked for help with identifying a virus found stealing data from many PCs in the Middle East.
New analysis of Flame reveals how sophisticated the program is and gives hints about who created it.
Read more: http://www.bbc.co.uk/news/technology-18365844
HopeHoops
(47,675 posts)Response to HopeHoops (Reply #1)
bupkus This message was self-deleted by its author.
Purveyor
(29,876 posts)repositioned.
bahrbearian
(13,466 posts)neohippie
(1,142 posts)Apparently we admitted to making the malware, with help in delivering it from Israel
see this story
http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?_r=1&smid=fb-share
dixiegrrrrl
(60,010 posts)or else is totally ignorant.
The BBC article claims the Flame creators are unknown AND claims Israel was a victim of Flame,
while the nytimes ( the link about by neohippie) has quite a few fascinating articles on why the USA and Israel created the virus.
DainBramaged
(39,191 posts)JDPriestly
(57,936 posts)HopeHoops
(47,675 posts)I haven't heard of malware doing that before. It's clever, but insidious.
dipsydoodle
(42,239 posts)A failed attempt to prevent it from being re-used. Failed because they failed to acknowledge the speed at which it had already been broken down and analysed - it may well be at least be partly ready for re-use anyway.
As one of life's great believers in retribution hopefully whoever put it together in the first place gets their just blow back and in future takes care of what they wish.
HopeHoops
(47,675 posts)Paybacks are hell when they happen.
cliffordu
(30,994 posts)1monster
(11,012 posts)dipsydoodle
(42,239 posts)Worlds best cryptography brains behind Flame spy virus.
The spy malware Flame used bogus Microsoft certificates to infect new computers, a prominent cybersecurity expert says. The science needed to pull the trick probably required some of the worlds best knowledge of cryptography.
The virus, which spread across the Middle East and particularly Iran, can mask itself as legitimate patches distributed through a Windows Update, reports Marc Stevens from the Centrum Wiskunde & Informatica (CWI) in Amsterdam.
It does so by providing a fake digital certificate, stating that the malware is a code originating from a trusted producer, which appears to have been issued by Microsoft itself.
Obtaining such a fraudulent certificate required a so-called chosen-prefix collision attack. Its an attack targeting a specific cybersecurity algorithm called Message-Digest algorithm 5, or MD5. MD5 basically takes a piece of data and turns it into a unique digital fingerprint called a hash.
http://www.rt.com/news/flame-virus-windows-updates-346/