Everybody in the security world these days is talking about Flame, the monstrously fat piece of malware found all throughout the Middle East (centered around the remarkably uninfected Israel). For those unaware, Flame weighs in at over 20 megabytes and is composed of numerous functional modules giving it all sorts of capabilities like listening through microphones, activating video, bluesnarfing, etc. None of that was particularly impressive and its sheer size and presence of human readable strings screamed of amateurish development. What did pique researcher’s interest was a unique adaptation of cryptographic hash collisions in order to fool Windows operating systems into trusting a fraudulent windows update server. Researchers are claiming Flame was clearly associated with world class mathematicians in order to rapidly produce MD5 collisions for use. The malware itself is already beginning to shutdown across the world but the code is already under scrutiny. Too bad the White House leaked they were behind Stuxnet and Duqu because reverse engineers are already finding shared code from zero-day exploits within Flame found only in those tools.
Similarly tagged OmniNerd content: