Foreign Minister: Statements Attributed to One of Russian President's Media Are Completely Devoid of Truth    World Bank sees 'major global recession' due to pandemic    WHO opens door to broader use of masks to limit spread of coronavirus    GACA launches Long Distance Learning Platform for Preparatory Year Students    Wall Street falls as coronavirus cuts into U.S. payrolls    KSrelief Distributes 315 Food Baskets in Socotra Governorate, Yemen    Lebanon Reports 14 New Cases of COVID-19    HRH Crown Prince Congratulates Senegalese President on his Country's Independence    Saudi Press: 150 Saudi Doctors, in France, to Combat Coronavirus Pandemic    Official Source at Ministry of Interior: Curfew in Dammam, Governorates of Taif, Qatif to be Scaled forward as of 03pm, beginning on Friday    Host Bids for AFC Asian Cup 2027 Extended    Saudi Stock Market index closes high at 6749.69 points    SAMA Urges Financing Institutions to Provide Services through "Tamweel" Platform    Bangladesh reports first coronavirus death    Senior Scholars Council Issues Decision No. 246 Regarding Attendance of Friday Prayer and Prayers at Mosques in a Case of Spread of Epidemic or Fear of its Spread    Saudi Aramco International Women's Golf Championship receives more than 100 international players    Liverpool ride early jolt to return to winning ways    Saudi Arabia to Host First Professional Women Golf Tournament    Hail Region Governor to Patronize 2020 Diabetes and Obesity International Conference    Winter at Tantora Celebrates Eastern and Western Culture as AlUla Embraces a Night of Persian Music    Saudi Health Economics Experts Dialogue Forum Held in Riyadh    Custodian of the Two Holy Mosques Addresses Citizens and Muslims on Eid Al-Fitr    Custodian of Two Holy Mosques addresses Citizens and Muslims on the Advent of Holy Month of Ramadan    Ministry of Hajj and Umrah Launches Awareness Message on Sacrifice Day    Newcastle Beat West Ham 3-0 for their first Win of the Season    Mourinho insists Ibrahimovic must be good enough for Manchester United    Reforms have saved the economy from possible recession, say analysts    The King and Crown Prince congratulates Moldova's President    More than 1,5 million pilgrims arrive in Saudi Arabia, so far    MWL allocates SR 7 million for Eid sacrifice project in 47 countries    Saudi Campaign provides educational and training services for Syrians in Al-Za'tari camp    Saudi student goes missing in Kentucky, US    Harvey lashes Texas US coast with high wind, torrential rain    North Korea tests short-range missiles as South Korea, US conduct drills    Samsung leader Jay Y. Lee given five-year jail sentence for bribery    Known days    "MODON" Signs MoU with Chinese Goldwind Company for wind-turbines manufacturing in the Kingdom    Flyadeal, Saudi Arabia's new low-cost airline, scheduled to launch on September 23, reports    Mastercard launches Masterpass in the Kingdom of Saudi Arabia    Honda among 27 Japan players named for World Cup qualifiers    Joker, Harley Quinn movie in works with 'Crazy Stupid Love' filmmakers    Madhuri Dixit to venture into Marathi films as a producer    Consumers warned against using some brands of face powder, hair products    How 'GOT' makers made the frozen lake in 'Beyond the Wall'    Shraddha Kapoor wants people to help the needy    Neymar targets improvement after phenomenal home debut    Politicizing the pilgrimage    Rakhi 2017: "Bond of Love" between a brother and his sister    

Thank you for reporting!
This image will be automatically disabled when it gets reported by several people.

Flame blown out
Published in The Saudi Gazette on 27 - 06 - 2012

Earlier this month, tech headlines were focused on the Flame malware. Now the fuss has largely died down as it appears that this espionage malware only infected a few hundred computers.
“Currently, based on what is known about Flame, it would be safe to say that the average user should lose no sleep worrying about it,” advised strategic information security consulting company help AG. “Flame wasn't as distributed as initially feared. If the user is running an updated antivirus and follows the normal practices, he will be safe. Of course, this leaves out some users particularly those users who use pirated software and such, because such software cannot be updated with the latest security patches.”
This doesn't mean that the Flame threat wasn't sophisticated. It just didn't spread as rapidly as originally feared. Nicolai Solling, director of Technology Services at help AG explained that the Flame virus, which was actually an attack toolkit, gained entry to computers running Windows by exploiting a vulnerability of the Windows Update Service. That's the service which fixes bugs in Microsoft's code.
“All updates provided for Windows require a security certificate signed by Microsoft,” said Solling. “However, by providing a signed security certificate that appeared to belong to Microsoft, the Flame virus bypassed this restriction. The unsuspecting PC then proceeded to download what appeared to be a genuine Windows update, which was in fact the loader for the Flame virus.”
Once Flame gained access to a computer, it would quietly harvest data off the infected machine. Cyber criminals could gain the ability to take screenshots, listen in to conversations though the system microphone or even capture video though an attached webcam. While the Flame malware was unusual in the method it used to gain access to a computer, it didn't succeed because according to Solling, many organizations didn't have the “environment” where Flame could be installed.
Bruce Schneier's blog “Schneier on Security” discussed the fact that security companies had samples of the Flame Malware at least two years ago but they did nothing to halt its slow, stealthy spread.
“It was never a priority to understand – and then write signatures to detect – the Flame samples because they were never considered a problem,” wrote Schneier. “Maybe they were classified as a one-off. Or as an anomaly.
I don't know, but it seems clear that conventional non-military malware writers that want to evade detection should adopt the propagation techniques of Flame, Stuxnet, and DuQu.”

Clic here to read the story from its source.