Cyber Criminals Overwriting Sophisticated Flame Virus to Cover Tracks

Paul Lilly

Back in May of this year, Kaspersky Lab announced the discovery of a "highly sophisticated malicious program" called Flame that's capable of stealing valuable information from targeted systems, including audio conversations. Kaspersky Lab later referred to Flame as "the most complex cyber-weapon to date," and following in-depth research, has discovered that the criminal minds behind it are in cahoots with the developers of Stuxnet and Duqu.

As the evidence piles up, the ones responsible for igniting the Flame virus are trying to remotely wipe the code from infected systems, presumably to prevent victims from ever realizing their data was stolen, the Los Angeles Times reports. As you read this, computer experts are trying to reverse engineer the code to figure out how best to protect PCs from the infection, and possibly to identify the attackers responsible.

Vikram Thakur, a security guru with Symantec, tells the L.A. Times that it's a move to "cover their tracks in any way they can." The interesting thing about it, he says, is that they're even "willing to take the risk of connecting to the servers, which could be watched."

Apparently, the cyber crooks know they're being watched and created a cleanup command weeks ago, one that overwrites infected disks with a bunch of random code.

Image Credit: SecureList
