Flame Lights Its Own Self-Destruct Fuse

H

HardOCP News

[H] News
Joined
Dec 31, 1969
Messages
0
It would seem the Flame virus had a self-destruct mode. Wow, virus authors are now coding self-destruct sequences in to cover their tracks? :eek:

From here, infected machines received a new module from the remaining command and control servers — browse32.ocx — which has the purpose of covering Flame's tracks. It not only has a hit-list of all Flame-related files and folders to delete, but it subsequently rewrites random characters on the disk to ensure that the old data can't be retrieved.
Click to expand...
 
Steve said:
Wow, virus authors are now coding self-destruct sequences in to cover their tracks? :eek:
Click to expand...

Ordinary malware authors? Not so much. State sponsored cyberwarfare units? You bet, especially after Stuxnet was dissected by the community.
 
It seems a lot like closing the barn door after the cows have escaped...
 
Mohonri said:
It seems a lot like closing the barn door after the cows have escaped...
Click to expand...

Closing the barn door with the cow out? Isn't that like zipping your fly up on...yourself...and getting the beans above the frank?
 
Maybe they should have researched its origins a bit more before going public about it...
 
saitei said:
Maybe they should have researched its origins a bit more before going public about it...
Click to expand...

you mean Kaspersky? (who was the one who outed it) Absolutely no point. As a private enterprise he had nothing to gain (but US/Isreali/UK business to loose) by pointing fingers. As it is, this wipes out loads of potential customers he would have had.
 
weebling1 said:
you mean Kaspersky? (who was the one who outed it) Absolutely no point. As a private enterprise he had nothing to gain (but US/Isreali/UK business to loose) by pointing fingers. As it is, this wipes out loads of potential customers he would have had.
Click to expand...

Anti-virus author had nothing to gain by outing a virus? Somehow I bet Kapersky subs jumped a bit after this info was released. I always believed that "some" of these viruses are released by ant-virus companies (puts on tin-foil hat) then when they "out" them, they get credit and already have a cure in hand. (not saying that this is the case here) However, never really trusted them, especially one with close ties to the russian govt.
 
Last edited:
magnetik said:
Anti-virus author had nothing to gain by outing a virus? Somehow I bet Kapersky subs jumped a bit after this info was released. I always believed that "some" of these viruses are released by ant-virus companies (puts on tin-foil hat) then when they "out" them, they get credit and already have a cure in hand. (not saying that this is the case here) However, never really trusted them, especially one with close ties to the russian govt.
Click to expand...

You selectively miss-quoted me. I said " ...by pointing fingers" Of course they gained subscriptions, but they did not attempt to reveal the authors
 
You must log in or register to reply here.
Back
Top