Flame malware subverts Windows Updates, infects networked PCs

By Rick
Jun 5, 2012
Post New Reply
  1. Flame or Flamer, an admittedly sophisticated piece of malware, appears to have more tricks up its sleeve than security researchers had initially believed. Security firm Kaspersky has discovered that the...

    Read the whole story
  2. Mudvayne819

    Mudvayne819 Newcomer, in training Posts: 41

    what when some good programmer/hacker get a hand on that thing and modify it for their needs then we will have a real crisis and the us governement who spread that virus will be to blame... what is goign to be the punishment... nothing
  3. Tygerstrike

    Tygerstrike TechSpot Enthusiast Posts: 827   +93

    @Mud

    Sorry this wasnt spread by the USA or the US Govt. If you do a bit of reading on the Flame issue, you will see that they believe it was produced by Isriel. Mainly for spying on the other countries that surround them. And what punishment were you considering valid for the US Govt. when it wasnt the US who either created nor spread this particular virus.
  4. Isriel? smh
  5. Chazz

    Chazz TechSpot Enthusiast Posts: 622   +56

    No need to respond to him. There are many US haters on the internet. Ignore them.
  6. So basically, if people moved to TLS 1.2 years ago and used decent hash algorithms, and encryption protocols with decent rather than barely useful bit sizes, this would never have happened. MD5 and SHA-1 are too small.
  7. mevans336

    mevans336 TechSpot Enthusiast Posts: 163   +11

    Until very recently, no browsers even supported TLS 1.2. OpenSSL only added support within the past year.
  8. treetops

    treetops TechSpot Evangelist Posts: 1,648   +51

    If someone adapts this and causes real problems random nerd beatings will sore to record levels. /jokes
  9. Point <> Counterpoint - Just another day here on Earth, people in fear of others create something to attack, defend, monitor, control, etc. and the others create something to attack, defend, monitor, control, etc. and the game continues throughout time and history. Enough is enough...
  10. wiyosaya

    wiyosaya TechSpot Enthusiast Posts: 198   +23

    Give the guest a prize! Hit that one right on the head, IMHO.
  11. I would love to no what microsoft is inturnally thinking aobut these guys who managed to fool windows. I won't be surprised if they are planning, or maybe no more then they let us believe?
     
  12. its either made in china or north korea LOL!!
  13. SNGX1275

    SNGX1275 TS Forces Special Posts: 12,409   +280

    Just because I feel it should be pointed out, I will do so.

    This is not only a proof of concept, it is an exploit "in the wild" although apparently intentionally limited in scope. This is a pretty insane exploit, yet it has almost no comments after over 2 days.

    Imagine if this happened on OS X. Oh wait, we don't have to imagine, because a much less harmful thing happened to OS X and the wrath of the PC world came to tech sites all over to comment on it.

    Now I do understand the argument of Mac users are smug and thing they are invulnerable. But I think that has been gradually dispelled for a couple years now with more OS X issues. All the while Windows users have been talking about how great Windows security is since Vista (disregarding how many people still use XP). Well this hits at the very core of Vista/7s security. Not only does it breach it, it spreads by the most trusted update ever, Windows update.
  14. Joke user.

    it can happen, specially when payed programmers are trying to crack down Windows on the daily basis. It is simply more popular hence more attacks.

    Derp user, Joke user is joke.

    Still OSX > All
  15. previous guest is clearly David Orcus!
  16. "Windows users have been talking about how great Windows security is since Vista "

    Not that I don't disagree with you, but me and my fellow "windows" users don't ever feel smug about any kind of OS security, no matter what OS we use, Linux,, Windows, IOS, Android.
    If anything windows users are more aware of the consequences of having a virus/malware (due to years of the platform being a common target for hackers).

    Tech aficionados know that security is forever a whack a mole process. It is always constant vigilance. You can make a bulletproof system, and someone will just make a better bullet. That's how it's always been since the days of early computing.

    For example there is SElinux which is supposed to be "secure", but you can bet if there was one dent in the armor, in the kernel or gnu userland modules, or a user has root access to do something and install something, then it can all go by the wayside.

    Clearly the flame virus is serious, it anything it should make Microsoft take up notice and continue the whack a mole process.

    Security is never static, it is always dynamic.


Add New Comment

TechSpot Members
Login or sign up for free,
it takes about 30 seconds.
You may also...
Get complete access to the TechSpot community. Join thousands of technology enthusiasts that contribute and share knowledge in our forum. Get a private inbox, upload your own photo gallery and more.