Iran-targeting Flame malware used huge network to steal blueprints

JMH

Attackers behind the Flame espionage malware that targeted computers in Iran used more than 80 different domain names to siphon computer-generated designs, PDF files, and e-mail from its victims, according to a new analysis from researchers who helped discover the threat.

The unknown authors of Flame shut down the sprawling command-and-control (C&C) infrastructure immediately after last Monday's disclosure that the highly sophisticated malware had remained undetected for at least two years on computers belonging to government-run organizations, private companies, and others. The 80 separate domain names were registered using a huge roster of fake identities, and some of the addresses were secured more than four years ago.
http://arstechnica.com/security/201...alware-used-huge-network-to-steal-blueprints/
 
Microsoft Updates Certificates after Flame Exploit
Businesses should install a Microsoft security update to avoid being duped by exploited certificates that were used as part of the Flame malware attack against targeted Iranian computer networks.


The update fixes a vulnerability in Microsoft's Terminal Server Licensing Service that allowed signing of software with certificates as if it were code originating from Microsoft, the company said in a blog post. (See also "The Flame Virus: Your FAQs Answered.")


http://www.pcworld.com/article/256788/microsoft_updates_certificates_after_flame_exploit.html#tk.rss
 
