Flame, believed by experts to have been created by a Western intelligence agency for purposes of information gathering and espionage, has achieved what has long been called the “holy grail” for malware: replicating via Microsoft Windows’ built-in update system.
As Mikko Hypponen, chief research officer at F-Secure, outlined at the “News from the Lab” blog:
The full mechanism isn’t yet completely analyzed, but Flame has a module which appears to attempt to do a man-in-the-middle attack on the Microsoft Update or Windows Server Update Services (WSUS) system. If successful, the attack drops a file called WUSETUPV.EXE to the target computer.
This file is signed by Microsoft with a certificate that is chained up to Microsoft root.
Except it isn’t signed really by Microsoft.
Signed certificates are how computers know whom to trust. You’re using them every time your web browser switches over to the “https://” mode used by your bank and for e-commerce.
The larger, and to me more incredible, trend here is that Western intelligence agencies are now executing attacks more sophisticated than anything seen previously. In the wake of the astonishingly elaborate Stuxnet attack, if there’s one thing this new Flame exploit proves, it’s that some of the best hackers on the planet are now employed by governments.
This is not an entirely intuitive outcome, when you consider that hacking has traditionally been the bailiwick of a loose and more or less open source confederation of geniuses and malcontents – the sort of hive mind that is difficult to capture within the presumably small, secretive groups working at intelligence agencies.
It will soon be easy for self-driving cars to hide in plain sight. We shouldn’t let them.
If they ever hit our roads for real, other drivers need to know exactly what they are.
Maximize business value with data-driven strategies
Every organization is now collecting data, but few are truly data driven. Here are five ways data can transform your business.
Cryptocurrency fuels new business opportunities
As adoption of digital assets accelerates, companies are investing in innovative products and services.
Where to get abortion pills and how to use them
New US restrictions could turn abortion into do-it-yourself medicine, but there might be legal risks.
Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.