Code auto-uninstalls using newly-sent command
The originators of the accidentally-discovered Flame malware may have sent commands to the controlled machines to delete and overwrite itself. Interestingly, rather than use a pre-existing command in the code, aptly titled SUICIDE, the controllers sent a whole new directive file that assisted in the auto-uninstallation.
High priority update and security advisory posted
Earlier today, Microsoft has released a high-priority update and a security advisory after parts of the Flame malware platform were signed with one of the trusted digital certificates linked to the Microsoft Root Authority. The improper use of the certificates could mislead a user, bypass operating system safeguards, and permit the malware tool to be installed. The two intermediate certificate authorities used in the malware have been revoked.
Stuxnet developed by US and Israel, only to escape
The Stuxnet malware said to have ravaged Iranian nuclear facilities two years ago, and long thought to have been deliberately planted, was indeed the result of a joint collaboration between the United States and Israel. In a lengthy, in-depth examination of Stuxnet's history, The New York Times has examined the development of the worm, its survival through the end of the Bush administration, and the Obama administration's decision to press ahead with cyberattacks as a means of slowing Iran's alleged progression toward the development of nuclear capabilities.
Complex data vacuum likely government-backed
Russian security firm Kaspersky has uncovered a massive malware attack, referred to as Flame, that is believed to have gathered sensitive data from a wide array of countries, including Israel and Iran. The malware is said to be modular and expandable in a manner reminiscent of a smartphone app library. The BBC reports that the complexity of the malware has led experts to believe that it could only have been developed with the assistance of a government entity.