Date:21/09/12
Fresh analysis of the malware Flame suggests it could be part of a much wider "family".
Flame is believed to have targeted sensitive data in Iran. It has already been linked to Stuxnet, which was aimed at Iran's nuclear infrastructure, the BBC reported.
Analysis of the server controlling the malware suggests three similar pieces of code are as yet undiscovered.
The study also suggests Flame dates back to 2006, much earlier than previously thought.Discovered in May, Flame has already been linked to Stuxnet, a worm that attacked Iran's nuclear infrastructure, and Duqu, a data-stealing worm that also infected some of Iran's computer systems.
The new report is a joint study from security firms Symantec, Kaspersky, the Crypto Labs in Budapest and the UN's International Telecommunications Union.They were given access to the command and control servers of Flame.
Spelling mistake
It revealed the servers were using four communications protocols, only one of which was being used by Flame.
"I can't imagine that the other three were not being used. The conclusion seems to be that there is something else out there," said Prof Alan Woodward, a visiting professor at the University of Surrey's department of computing.
Flame has been described as one of the most complex computer threats ever discovered, but the study suggests attempts to destroy all evidence of it went wrong because of a spelling mistake.
"One might imagine that this type of code had a 'kill' button but in fact they had to program it," said Prof Woodward,
"Those behind it did try and destroy it. They may have known that they were about to be rumbled, but they failed at the last minute by mistyping the name of the file," he added.
Many believe the complexity of Flame and the other pieces of related malware points to state-sponsorship, but Prof Woodward said the latest analysis showed little involvement from intelligence agents.
"They don't start from the perspective of what can I look for. It appears to be written by computer analysts not intelligence analysts," he said.
More malware targeting Iran could yet be discovered
Fresh analysis of the malware Flame suggests it could be part of a much wider "family".Flame is believed to have targeted sensitive data in Iran. It has already been linked to Stuxnet, which was aimed at Iran's nuclear infrastructure, the BBC reported.
Analysis of the server controlling the malware suggests three similar pieces of code are as yet undiscovered.
The study also suggests Flame dates back to 2006, much earlier than previously thought.Discovered in May, Flame has already been linked to Stuxnet, a worm that attacked Iran's nuclear infrastructure, and Duqu, a data-stealing worm that also infected some of Iran's computer systems.
The new report is a joint study from security firms Symantec, Kaspersky, the Crypto Labs in Budapest and the UN's International Telecommunications Union.They were given access to the command and control servers of Flame.
Spelling mistake
It revealed the servers were using four communications protocols, only one of which was being used by Flame.
"I can't imagine that the other three were not being used. The conclusion seems to be that there is something else out there," said Prof Alan Woodward, a visiting professor at the University of Surrey's department of computing.
Flame has been described as one of the most complex computer threats ever discovered, but the study suggests attempts to destroy all evidence of it went wrong because of a spelling mistake.
"One might imagine that this type of code had a 'kill' button but in fact they had to program it," said Prof Woodward,
"Those behind it did try and destroy it. They may have known that they were about to be rumbled, but they failed at the last minute by mistyping the name of the file," he added.
Many believe the complexity of Flame and the other pieces of related malware points to state-sponsorship, but Prof Woodward said the latest analysis showed little involvement from intelligence agents.
"They don't start from the perspective of what can I look for. It appears to be written by computer analysts not intelligence analysts," he said.
Views: 917
©ictnews.az. All rights reserved.
Similar news
- Cellphone Use May Raise Cancer Risk
- Australian police pushes cyber safety education
- Vietnam aims to lead in e-government
- Senate Website Gets Hacked
- US builds net for cyber war games
- Japan enacts anti-computer virus law
- India passes law vs e-waste
- Anonymous Declares War On The City Of Orlando
- Microsoft highlights evolving dangers as online identity data proliferates
- Consumers want internet security to be provided by banks
- Government facilities targets of cyber attack
- South Korean web attacks might been war drill
- Sri Lanka to Establish National Passport Database to Increase Border Security
- Hi-tech crime agencies set to employ information security professionals
- Phone hacking and online campaign bring down the News of the World
