Full analysis of Flame's command & control servers

From Botnets.fr

Botnet Flame
Date 2012 / 17 September 2012
Editor/Conference Kaspersky lab
Link https://www.securelist.com/en/blog/750/Full_Analysis_of_Flame_s_Command_Control_servers (Archive copy)
Author GReAT

Abstract

Our previous analysis of the Flame malware, the advanced cyber-espionage tool that's linked to the Stuxnet operation, was initially published at the end of May 2012 and revealed a large scale campaign targeting several countries in the Middle East.

The Flame malware, including all of its components, was very large and our ongoing investigation revealed more and more details since that time. The news about this threat peaked on 4th June 2012, when Microsoft released an out-of-band patch to block three fraudulent digital certificates used by Flame. On the same day, we confirmed the existence of this in Flame and published our technical analysis of this sophisticated attack. This new side of Flame was so advanced that only the world's top cryptographers could be able to implement it. Since then, skeptical jokes about Flame have disappeared.

Bibtex

 @misc{2012BFR1170,
   editor = {Kaspersky lab},
   author = {GReAT},
   title = {Full analysis of Flame's command \& control servers},
   date = {2012-09-17},
   month = sep,
   year = {2012},
   howpublished = {\url{https://www.securelist.com/en/blog/750/Full_Analysis_of_Flame_s_Command_Control_servers}},
 }