Online Payment
image description

tech blogging > our corner of the web

tech blogging >

A Flame is Growing

Wednesday, July 18, 2012

A new virus has shown up in the technological world that has professionals baffled and amazed at the severity and complexity. Flame, also known as Flamer, sKyWIper or Skywiper is a piece of malware that was discovered in 2012, yet appears to have been active as far back as 2010. Flame affects Microsoft Windows PC’s and can spread through a local network or via a USB drive and is mainly targeting cyber espionage in the Middle Eastern Countries. This piece of malware can record audio, screenshots, keyboard activity, and network traffic. It can also record Skype conversations as well. (Gostev, 2012)

Recently, however, the infection has worked its way into Microsoft Updates and can now spread through said means. Attackers located a flaw within Microsoft’s Terminal Services licensing certificate authority that allowed them to create their own ‘valid’ certificates. (Keizer, 2012) From there, they could fool the Microsoft machine to believing their malware was a legitimate Microsoft Update. Following that, the infected machine could then trick neighboring machines to thinking the infected machine was a Windows Update machine, and pass off the malware to other machines.

Researchers are saying this is one of the most complex and largest malware infections they’ve seen. While most infections are less than 1mb in size, Flame is right around 20mb. Professionals estimate around 1 year just to analyze the code of the infection. Microsoft has taken the necessary steps to stop the false certificates from registering within their Operating System to minimize infections. At this point, the best preventive measures include having up-to-date antivirus, monitor which websites you visit, and continue to receive Windows updates straight from Microsoft’s website. While the malware infection may not seem to be affecting the North American continent for now, there’s no saying the attackers will focus their attacks elsewhere. Always stay protected!

Comments
Post has no comments.
Trackback Link
http://www.itrw.net/BlogRetrieve.aspx?BlogID=11506&PostID=544988&A=Trackback
Trackbacks
Post has no trackbacks.