Researchers find direct link between Flame, Stuxnet malware

zigzag3143

Contributor, Sysnative Staff Emeritus
Joined
Mar 27, 2012
Posts
3,741
[h=1]Discovery of new "zero-day" exploit links developers of Stuxnet, Flame[/h]
Security researchers say they've found a conclusive link between the Flame espionage malware and Stuxnet, the powerful cyberweapon that US and Israeli officials recently confirmed they designed to sabotage Iran's nuclear program.

An early version of Stuxnet dating back to 2009 contained executable code that targeted what was then an unknown security flaw in Microsoft Windows, a discovery that brings the number of zero-day vulnerabilities exploited by the malware to at least five, researchers from Kaspersky Lab said Monday morning. Even more significantly, they discovered that a 6MB chunk of code found in the Stuxnet.A (1.0) variant contained the guts of today's Flame. In addition to unearthing previously overlooked data about how Stuxnet hijacked targeted networks, the discovery is important because it establishes the first positive connection between the developers of Stuxnet and those behind Flame, which came to light two weeks ago as a highly sophisticated espionage platform that targeted computers in Iran and other Middle Eastern countries.

http://arstechnica.com/security/2012/06/zero-day-exploit-links-stuxnet-flame/
 
Source code smoking gun links Stuxnet AND Flame

A direct link exists between the infamous uranium enrichment sabotage worm Stuxnet and the newly uncovered Flame mega-malware, researchers have claimed.

Russian virus protection outfit Kaspersky Lab said in a blog post yesterday that although two separate teams worked on Stuxnet and Flame, the viruses' programmers "cooperated at least once during the early stages of development".

http://www.theregister.co.uk/2012/06/12/stuxnet_flame_links_discovered_by_security_researchers/
 
They were all worried that this amazing Stuxnet would open the pandora's box of future malware and they were right... Stuxnet is genius, but once it got into the hands of people who were not supposed to get it, and the source code basically became publicly available, that was the worst part of it in my opinion.
 
Back
Top