Updated 24 May, 2013, 7:53 pm IST
Flame malware controllers send uninstall command
| by Rossi Fernandes |
Kaspersky Lab had announced the discovery of the sophisticated malware, that was called Flame and the recent spate of Flame malware attacks have been grabbing headlines, across the world. It was said to have been actively used as a cyber weapon targeting entities across several countries. It all started off in the Middle-East and it was said to be spreading across the world. The malware was discovered by Kaspersky Lab’s experts during an investigation prompted by the International Telecommunication Union (ITU), and the analysis of the malicious program revealed it was the largest and most complex attack toolkit to date. Kaspersky Lab’s analysis of the malware revealed that it was currently being used for cyber espionage and that it would infect computers to steal data and sensitive information. The stolen data would then be sent to one of Flame’s command & control (C&C) servers.
According to Symantec, the Flame malware also has a self-terminate feature, called SUICIDE, which can be used to remove the malware from the infected PC. The control of this, however lies in the hands of the people who developed the malware itself. The Flame malware has command and control servers that send updates to the infected PCs. In this case, the malware received updates that included removing of the Flame malware from the PCs. A file browse32.ocx was sent to each one of those PCs as well, which would be used to remove the tool. The module would then delete a whole bunch of files that were present on the Windows installation. Most of them were from the Program Files folder, while there were some that were placed in temporary folders across the drive.
Flame to go up in flames?
This module is said to have been made on the 9th of May, a few weeks after the malware was found to be spreading on the web. The module may have been tested even before the malware was released on the web.
Soon after the malware was discovered, Kaspersky Lab contacted CERTs in multiple countries to inform them about the Flame C&C domain information and IP addresses of the malicious servers. There were also some interesting notes that were released by Kaspersky Lab.
If the actions are successful, we should soon have reports on the web of the effect of the Flame malware subsiding in the days and weeks to come.
Tags: Flame Virus , flame virus Microsoft bug , Microsoft bug flame virus , Microsoft flame software fix , iran confirms flame virusKaspersky Lab , Kaspersky Antuvirus , Stuxnet virus , Malicious software , Cyber Crime , Data Theft , Cyber Weapon , Duqu Virus , Eugene Kaspersky , state sponsored attack , flame state sponsored , kaspersky labs , iran flame syber attack , cyber attack iran , flame cyber attack , flame virus iran , middle east flame attack , flame middle east virus
The combination of supreme hardware, class-leading software and the guarantee of getting timely upda...
Leaked Images, Availability, Pricing,
We bring you a handful of useful tips and tricks to get more out of your...
By Team Tech2
Pirated or legal, the vast majority of us use Microsoft Office. It’s...
Methods to implement to hide your IP address whilst on the Internet
By Francis D'sa
Sat May 25, 05:48:53
Sat May 25, 04:29:44
Fri May 24, 23:13:17