Thursday, May 16, 2013

Spotlight On Malware: Bring On The Flame!

This Spotlight On Malware will focus on a piece of malware discovered in May of 2012 that was arguably the most advanced piece of malware at the time. I speak of the Flame worm.

According to Kaspersky, the first antivirus company to discover the worm, Flame had been in the wild since 2010, maybe earlier. I will not go into what Flame does and how it does it, because to explain would take the better part of 7 pages. So I will only say that it is at least 20 times more complicated than the Stuxnet worm, it is a very large file (20 MB), and it was government-written with attack purposes in mind.

When placed on a machine, Flame detected the antivirus software installed on the infected computer and modified its behavior to avoid detection. Flame does not deactivate automatically, but when it came out that Flame was infecting the PCs of people who were not targets, Command and Control centers sent out a kill command for the worm to remove every trace of itself from all infected PCs.

While it is unknown who wrote the Flame worm, I believe that it was supported in some way by the United States. The Stuxnet worm was written as a joint project between the US and Israel, so this is not a shot in the dark as to what country was responsible for this worm.
