Results 1 to 7 of 7

Thread: First STUXNET, now FLAME???

  1. #1
    Join Date
    Jun 2006
    Beans
    393
    Distro
    Xubuntu 12.04 Precise Pangolin

    First STUXNET, now FLAME???

    Has anyone been following the recent discovery of this new super virus they're calling Flame which is apparently related to Stuxnet?

    http://www.techspot.com/news/48886-f...orked-pcs.html

    If you've come across any good stories on Flame, please post them!

  2. #2
    Join Date
    Oct 2009
    Beans
    Hidden!
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: First STUXNET, now FLAME???

    Come to #ubuntuforums! We have cookies! | Basic Ubuntu Security Guide

    Tomorrow's an illusion and yesterday's a dream, today is a solution...

  3. #3
    Join Date
    Nov 2007
    Location
    England
    Beans
    733
    Distro
    Ubuntu 11.10 Oneiric Ocelot

    Re: First STUXNET, now FLAME???

    Want an alternative to 99% of Windows applications?
    http://www.osalt.com/

    "Dude, real programmers compile" - Plato 428BC

  4. #4
    Join Date
    Jun 2006
    Beans
    393
    Distro
    Xubuntu 12.04 Precise Pangolin

    Re: First STUXNET, now FLAME???

    Nice posts. This is fascinating.

  5. #5
    Join Date
    Sep 2009
    Beans
    8,874
    Distro
    Ubuntu Development Release

    Re: First STUXNET, now FLAME???

    Quote Originally Posted by CharlesA View Post
    Hehe state sponsored.

    Screenshot from 2012-06-11 14:21:19.png





  6. #6
    Join Date
    Oct 2005
    Location
    Connecticut, USA
    Beans
    1,496
    Distro
    Ubuntu 12.04 Precise Pangolin

    Re: First STUXNET, now FLAME???

    Quote Originally Posted by drawkcab View Post
    Has anyone been following the recent discovery of this new super virus they're calling Flame which is apparently related to Stuxnet?

    http://www.techspot.com/news/48886-f...orked-pcs.html

    If you've come across any good stories on Flame, please post them!
    Do you mean THIS flame?
    http://www.wired.com/threatlevel/2012/05/flame/?utm_source=feedburner&utm_medium=feed&utm_campaig n=Feed%3A+wired%2Findex+%28Wired%3A+Index+3+%28Top +Stories+2%29%29


    Like how it was a joint venture of America and Israeli governments to sabotage Iran's nuclear facilities?
    http://arstechnica.com/tech-policy/2012/06/confirmed-us-israel-created-stuxnet-lost-control-of-it/

    *Please, no politics. The article is stating their relationship and admission, but please do not force the thread to be closed due to political talk.*

    Or that it was assigned an old Microsoft Windows Terminal Client certificate and can infect a fully up-to-date patched Windows?
    http://arstechnica.com/security/2012/06/flame-malware-was-signed-by-rogue-microsoft-certificate/

    Or that it can spoof itself as a Windows update?
    http://news.cnet.com/8301-10805_3-57447277-75/flame-virus-can-hijack-pcs-by-spoofing-windows-update/?part=rss&subj=news&tag=title

    Yeah, I've been kinda following it
    Friends don't let friends wear a red shirt on landing-party duty.
    DACS | Connecticut LoCo Team | My Blog
    Ubuntu User# : 17583, Linux User# : 477531

  7. #7
    Join Date
    Mar 2011
    Beans
    669

    Re: First STUXNET, now FLAME???

    Quote Originally Posted by CharlesA View Post
    Oh, my article =p I wrote that the day it hit the news so it's a bit out of date.

    I remember people saying it wasn't anything special and probably wasn't state sponsored. I bet they feel silly.

    I suspected then that it was a US project as it used the vulnerabilities common to Stuxnet and was made years back. It later became obvious that it was a large project as they spent hundreds of thousands of dollars to create an MD5 hash collision in order to spoof the Windows Update and infected fully patched Windows 7 machines.

    Attacks like Flame are uncommon. This attack likely cost over a million dollars in terms of development time/ resources and computing resources.

    But it is a nice reminder that no system is immune. This attack went after what should have been a secure system - Windows update, but do to (the inevitable) errors in the system they were able to exploit it using a very costly hash collision.

    Windows now has a way more secure update system and an attack like this isn't likely to happen again - they've just driven up the cost for attacking Windows Update up a massive amount. It's not outside of the US budget to do it, it's just way more costly.

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •