Skip to Content
Uncategorized

Intelligence Agency Achieves "Holy Grail" of Malware Attacks

Stuxnet and Flame show that governments can weaponize what used to be the sole domain of hackers.

Flame, believed by experts to have been created by a Western intelligence agency for purposes of information gathering and espionage, has achieved what has long been called the “holy grail” for malware: replicating via Microsoft Windows’ built-in update system.

As Mikko Hypponen, chief research officer at F-Secure, outlined at the “News from the Lab” blog:

The full mechanism isn’t yet completely analyzed, but Flame has a module which appears to attempt to do a man-in-the-middle attack on the Microsoft Update or Windows Server Update Services (WSUS) system. If successful, the attack drops a file called WUSETUPV.EXE to the target computer.

This file is signed by Microsoft with a certificate that is chained up to Microsoft root.

Except it isn’t signed really by Microsoft.

Signed certificates are how computers know whom to trust. You’re using them every time your web browser switches over to the “https://” mode used by your bank and for e-commerce.

The larger, and to me more incredible, trend here is that Western intelligence agencies are now executing attacks more sophisticated than anything seen previously. In the wake of the astonishingly elaborate Stuxnet attack, if there’s one thing this new Flame exploit proves, it’s that some of the best hackers on the planet are now employed by governments.

This is not an entirely intuitive outcome, when you consider that hacking has traditionally been the bailiwick of a loose and more or less open source confederation of geniuses and malcontents – the sort of hive mind that is difficult to capture within the presumably small, secretive groups working at intelligence agencies.

Keep Reading

Most Popular

Russian servicemen take part in a military drills
Russian servicemen take part in a military drills

How a Russian cyberwar in Ukraine could ripple out globally

Soldiers and tanks may care about national borders. Cyber doesn't.

Death and Jeff Bezos
Death and Jeff Bezos

Meet Altos Labs, Silicon Valley’s latest wild bet on living forever

Funders of a deep-pocketed new "rejuvenation" startup are said to include Jeff Bezos and Yuri Milner.

conceptual illustration showing various women's faces being scanned
conceptual illustration showing various women's faces being scanned

A horrifying new AI app swaps women into porn videos with a click

Deepfake researchers have long feared the day this would arrive.

ai learning to multitask concept
ai learning to multitask concept

Meta’s new learning algorithm can teach AI to multi-task

The single technique for teaching neural networks multiple skills is a step towards general-purpose AI.

Stay connected

Illustration by Rose WongIllustration by Rose Wong

Get the latest updates from
MIT Technology Review

Discover special offers, top stories, upcoming events, and more.

Thank you for submitting your email!

Explore more newsletters

It looks like something went wrong.

We’re having trouble saving your preferences. Try refreshing this page and updating them one more time. If you continue to get this message, reach out to us at customer-service@technologyreview.com with a list of newsletters you’d like to receive.