---- Warnings Raised Over 'Flame' Data Collection Malware
Robert_Charlton - 9:04 pm on Jun 8, 2012 (gmt 0)
Two stories related to the above...
In trying to sort out my own Symantec issues this morning, I came across a story on Mashable that expands on the BBC Flame story....
Did the World’s Nastiest Virus Try to Self-Destruct? [mashable.com...]
The self-destruct command was a file called "browse32.ocx." When the file is run on an infected computer, it automatically locates every bit of Flame's code, removes it, and writes random data over the original code. That process is designed to prevent anybody from studying Flame using a computer that's been infected but has received the self-destruct code.... One could... call it the 'uninstaller.'"
The NY Times Stuxnet story is very much related to Flame (which is now being described as an extremely sophisticated scout program, to lay the groundwork for future Stuxnet-like attacks). From earlier this week... a 47-min Fresh Air interview with David Sanger, the author of the NY Times story. The interview is absolutely gripping...
'Obama's Secret Wars' Against America's Threats Fresh Air June 4, 2012 [npr.org...]
Sanger explains that [US and Israeli officials] initially sent a bit of computer code called a beacon into Natanz to map the plant's electronic infrastructure.... "And from the data that they gathered there, the U.S. and the Israelis designed a computer worm that would replicate within the system".... (To test the worm, U.S. officials) built a full-scale replica of the Natanz plant on the grounds of the Department of Energy's national laboratories.
Flame is apparently the next generation of Stuxnet's beacon.