Dark Reading: How Flame Hid In Plain Sight For Years

/Home/Internet Security: Articles/Internet Security: Dark Reading/Dark Reading: Attacks & Breaches

Easy-to-crack encryption likely helped keep Flame alive, as well as its resemblance to conventional software

May 31, 2012
By Kelly Jackson Higgins

One of the most striking aspects about the newly discovered Flame malware kit is its ordinary appearance -- which is what helped make it so elusive for years.

As security researchers dig deeper into the massive lines of code that make up this targeted attack threat discovered this month, the fact that this dangerous cyberespionage kit evaded security controls for so long demonstrates how its similar structure to a commercial software program and its use of off-the-shelf techniques, such as SSL, SSH, and a SQL database, helped it blend in with other application traffic.

Click the URL above to read the full article