Printed from http://www.electronista.com

Flame malware extinguished by creators

updated 06:56 pm EDT, Fri June 8, 2012

Code auto-uninstalls using newly-sent command

The originators of the accidentally-discovered Flame malware may have sent commands to the controlled machines to delete and overwrite itself. Interestingly, rather than use a pre-existing command in the code, aptly titled SUICIDE, the controllers sent a whole new directive file that assisted in the auto-uninstallation.

Symantec reports compromised computers were sent a file called browse32.ocx, which contains a list of files to delete without leaving any trace of the original infection. It is unknown why the new command was sent, rather than the utilization of the already extant component in the Flame code. The specific list of files deleted can be found on the Symantec webpage.

Flame was accidentally discovered while another malware threat was being investigated. Microsoft released a high-priority update and security advisory after parts of the Flame malware were found to be signed with reverse-engineered Microsoft Root Authority certificates.



By Electronista Staff
Post tools:

TAGS :

toggle

Comments

Login Here

Not a member of the MacNN forums? Register now for free.

toggle

Network Headlines

toggle

Most Popular

Advertisement

Recent Reviews

Moshi iVisor AG and XT for iPad Air 2

Have you ever tried to put in a screen protector that relies on static to cling to the screen? How many bubbles and wrinkles does it h ...

Epson PowerLite Home Cinema 3500 projector

Trying to find the perfect projector for a home theater can be tricky, as there are bountiful options on the market from a large numbe ...

Thecus N2310 NAS

For every computer user, there comes a point of critical mass in data storage. When it hits, external hard drives, USB sticks and DVD ...

Advertisement

toggle

Most Commented

 
toggle

Popular News