Difference between revisions of "Full analysis of Flame's command & control servers"

(Publication) Google search: [1]

Full analysis of Flame's command & control servers
Botnet	Flame
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date	2012 / 17 septembre 2012
Editor/Conference	Kaspersky lab
Link	https://www.securelist.com/en/blog/750/Full Analysis of Flame s Command Control servers www.securelist.com (www.securelist.com Archive copy)
Author	GReAT
Type

Abstract

“ Our previous analysis of the Flame malware, the advanced cyber-espionage tool that's linked to the Stuxnet operation, was initially published at the end of May 2012 and revealed a large scale campaign targeting several countries in the Middle East.

The Flame malware, including all of its components, was very large and our ongoing investigation revealed more and more details since that time. The news about this threat peaked on 4th June 2012, when Microsoft released an out-of-band patch to block three fraudulent digital certificates used by Flame. On the same day, we confirmed the existence of this in Flame and published our technical analysis of this sophisticated attack. This new side of Flame was so advanced that only the world's top cryptographers could be able to implement it. Since then, skeptical jokes about Flame have disappeared.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1170,
   editor = {Kaspersky lab},
   author = {GReAT},
   title = {Full analysis of Flame's command & control servers},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{https://www.securelist.com/en/blog/750/Full_Analysis_of_Flame_s_Command_Control_servers www.securelist.com}},
 }