You might recall that I posted a story about a new piece of marware called Flame that seemed to be targeting computers in the Middle East and was very sophisticated in a scary sort of way. I guess the attention was too much for those who created this piece of marware as it apparently committing suicide to prevent anyone from analyzing it:
Researchers at the computer security firm Symantec say the command and control servers behind Flame began updating and activating a “suicide” module in the software late last week. The module essentially deletes all traces of the malware from an infected computer and then overwrites the section of the computer’s hard drive where the software used to live with random characters. In effect, the command is designed to make it impossible for the owner of the infected machine to study the infection.
The malware’s authors “are trying to roll up the operation so that it’s harder to know what they did and how they did it,” said Kevin Haley, director of Symantec Security Response. “They’re trying to cover their tracks.”
Clearly, whomever is behind this is no 12 year old. It’s clearly a group that’s either a nation state or a highly sophisticated group of cyber criminals. Either way, this isn’t a good thing. Expect more of this in the future.
Like this:
Like Loading...
Related
This entry was posted on June 9, 2012 at 5:01 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed.
You can leave a response, or trackback from your own site.
Flame Marware Being Killed Off By Its Creator
You might recall that I posted a story about a new piece of marware called Flame that seemed to be targeting computers in the Middle East and was very sophisticated in a scary sort of way. I guess the attention was too much for those who created this piece of marware as it apparently committing suicide to prevent anyone from analyzing it:
Researchers at the computer security firm Symantec say the command and control servers behind Flame began updating and activating a “suicide” module in the software late last week. The module essentially deletes all traces of the malware from an infected computer and then overwrites the section of the computer’s hard drive where the software used to live with random characters. In effect, the command is designed to make it impossible for the owner of the infected machine to study the infection.
The malware’s authors “are trying to roll up the operation so that it’s harder to know what they did and how they did it,” said Kevin Haley, director of Symantec Security Response. “They’re trying to cover their tracks.”
Clearly, whomever is behind this is no 12 year old. It’s clearly a group that’s either a nation state or a highly sophisticated group of cyber criminals. Either way, this isn’t a good thing. Expect more of this in the future.
Share this:
Like this:
Related
This entry was posted on June 9, 2012 at 5:01 pm and is filed under Commentary with tags Security. You can follow any responses to this entry through the RSS 2.0 feed. You can leave a response, or trackback from your own site.