I read this rant about some malware called Flame being lame. This article was served up by F-Secure. The more I read, the more I liked Flame. This is no weak one trick hack. They got all kinds of stuff in their program. They should. The footprint is apparently huge.
Flame does SSH and SSL. It also runs code written in Lua. Flame can scan the files on your hard drives such as Word documents. It then extracts snippets of those files to pass back to a human for review. That way they can home in on the valuable files without having to transfer lots of data.
Not only does Flame transport back document snippets, it sticks them in a SQLite database. Oh yeah. Flame also does some other tricks like turning on your microphone and recording you. It will use GPS info from camera images to figure out where you are in the world. Flame will connect to your Bluetooth phone to grab your address book off your phone.
Flame replicates its messaging data on your USB sticks. It detects when you detect the malware, and then tries to hide itself. Flame also intercepts and hacks Microsoft updates. The list goes on. Sure, some of these techniques might have been used before. But Flame is the juggernaut.
Not sure what the hell F-Secure is talking about. Flame is not lame. It rules. It owns. Maybe F-Secure is embarrassed that Flame was out there undetected for years. Heh.