Flamer worm

Forum for analysis and discussion about malware.

Flamer worm

Postby rkhunter » Mon May 28, 2012 10:41 am

Flamer worm - Iran claims to discover new Stuxnet-like malware
The Iranian Computer Emergency Response Team (MAHER) claims to have discovered a new targeted malware attack attacking the country, which it has dubbed Flamer.
http://nakedsecurity.sophos.com/2012/05 ... n-malware/
User avatar
rkhunter
 
Posts: 1106
Joined: Mon Mar 15, 2010 12:51 pm
Location: Russian Federation
Reputation point: 146

Re: Flamer worm

Postby R136a1 » Mon May 28, 2012 12:17 pm

By the way, the original article lists 2 more files:
http://certcc.ir/index.php?name=news&fi ... e&sid=1892

Sooner or later some AV will pick up a sample, so let's see...
User avatar
R136a1
 
Posts: 136
Joined: Wed Jul 13, 2011 4:30 pm
Location: Germany
Reputation point: 73

Re: Flamer worm

Postby frame4-mdpro » Mon May 28, 2012 1:14 pm

More info emerging -- this time from the CrySyS Lab, who name it "sKyWIper".
PDF contains the hashes for the malware components as well.

http://www.crysys.hu/skywiper/skywiper.pdf
frame4-mdpro
 
Posts: 29
Joined: Wed Jul 13, 2011 1:53 am
Reputation point: 19

Re: Flamer worm

Postby Xylitol » Mon May 28, 2012 1:48 pm

You do not have the required permissions to view the files attached to this post.
Last edited by Xylitol on Mon May 28, 2012 2:00 pm, edited 1 time in total.
User avatar
Xylitol
Global Moderator
 
Posts: 1430
Joined: Sat Apr 10, 2010 5:54 pm
Location: Seireitei, Soul Society
Reputation point: 428

Re: Flamer worm

Postby R136a1 » Mon May 28, 2012 1:54 pm

User avatar
R136a1
 
Posts: 136
Joined: Wed Jul 13, 2011 4:30 pm
Location: Germany
Reputation point: 73

Re: Flamer worm

Postby rkhunter » Mon May 28, 2012 2:07 pm

Hmmm, interesting, international cyber-malware-wars become more and more...
User avatar
rkhunter
 
Posts: 1106
Joined: Mon Mar 15, 2010 12:51 pm
Location: Russian Federation
Reputation point: 146

Re: Flamer worm

Postby kmd » Mon May 28, 2012 2:09 pm

hehe, perfect time for av marketing, ooppps kaspersky already did it :D This time super-puper spy malware even without zerodays on board which makes it somehow uninterested. btw for me is bizzare how guys from av company pushes this yet another overrated crap and missing overall the main point -- systems protected by their products were vulnerable as well as any others :lol:
User avatar
kmd
 
Posts: 247
Joined: Mon Mar 15, 2010 4:09 am
Location: Russian Federation
Reputation point: 17

Re: Flamer worm

Postby rkhunter » Mon May 28, 2012 2:13 pm

Symantec - Flamer: Highly Sophisticated and Discreet Threat Targets the Middle East
http://www.symantec.com/connect/blogs/f ... iddle-east
User avatar
rkhunter
 
Posts: 1106
Joined: Mon Mar 15, 2010 12:51 pm
Location: Russian Federation
Reputation point: 146

Re: Flamer worm

Postby rkhunter » Mon May 28, 2012 4:08 pm

frame4-mdpro wrote:More info emerging -- this time from the CrySyS Lab, who name it "sKyWIper".
PDF contains the hashes for the malware components as well.

http://www.crysys.hu/skywiper/skywiper.pdf

Really great analysis! Seems Kaspersky, Symantec just copy-paste from it.
User avatar
rkhunter
 
Posts: 1106
Joined: Mon Mar 15, 2010 12:51 pm
Location: Russian Federation
Reputation point: 146

Re: Flamer worm

Postby EP_X0FF » Mon May 28, 2012 7:17 pm

http://lenta.ru/news/2012/05/28/flame/

Does not really matter now was it collaboration or copy-past :) Pionner title goes to Kaspersky.
Ring0 - the source of inspiration
User avatar
EP_X0FF
Global Moderator
 
Posts: 3939
Joined: Sun Mar 07, 2010 5:35 am
Location: Russian Federation
Reputation point: 488

Next

Return to Malware

Who is online

Users browsing this forum: No registered users and 7 guests