Hello,

We noticed you're browsing in private or incognito mode.

To continue reading this article, please exit incognito mode or log in.

Not an Insider? Subscribe now for unlimited access to online articles.

Christopher Mims

A View from Christopher Mims

Intelligence Agency Achieves "Holy Grail" of Malware Attacks

Stuxnet and Flame show that governments can weaponize what used to be the sole domain of hackers.

  • June 5, 2012

Flame, believed by experts to have been created by a Western intelligence agency for purposes of information gathering and espionage, has achieved what has long been called the “holy grail” for malware: replicating via Microsoft Windows’ built-in update system.

As Mikko Hypponen, chief research officer at F-Secure, outlined at the “News from the Lab” blog:

The full mechanism isn’t yet completely analyzed, but Flame has a module which appears to attempt to do a man-in-the-middle attack on the Microsoft Update or Windows Server Update Services (WSUS) system. If successful, the attack drops a file called WUSETUPV.EXE to the target computer.

This file is signed by Microsoft with a certificate that is chained up to Microsoft root.

Except it isn’t signed really by Microsoft.

Signed certificates are how computers know whom to trust. You’re using them every time your web browser switches over to the “https://” mode used by your bank and for e-commerce.

The larger, and to me more incredible, trend here is that Western intelligence agencies are now executing attacks more sophisticated than anything seen previously. In the wake of the astonishingly elaborate Stuxnet attack, if there’s one thing this new Flame exploit proves, it’s that some of the best hackers on the planet are now employed by governments.

This is not an entirely intuitive outcome, when you consider that hacking has traditionally been the bailiwick of a loose and more or less open source confederation of geniuses and malcontents – the sort of hive mind that is difficult to capture within the presumably small, secretive groups working at intelligence agencies.

Hear more about security at EmTech MIT.

September 11-14, 2018
MIT Media Lab

Register now
Want more award-winning journalism? Subscribe and become an Insider.
  • Insider Plus {! insider.prices.plus !}* Best Value

    {! insider.display.menuOptionsLabel !}

    Everything included in Insider Basic, plus the digital magazine, extensive archive, ad-free web experience, and discounts to partner offerings and MIT Technology Review events.

    See details+

    Print + Digital Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

    Technology Review PDF magazine archive, including articles, images, and covers dating back to 1899

    10% Discount to MIT Technology Review events and MIT Press

    Ad-free website experience

  • Insider Basic {! insider.prices.basic !}*

    {! insider.display.menuOptionsLabel !}

    Six issues of our award winning print magazine, unlimited online access plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Print Magazine (6 bi-monthly issues)

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

  • Insider Online Only {! insider.prices.online !}*

    {! insider.display.menuOptionsLabel !}

    Unlimited online access including articles and video, plus The Download with the top tech stories delivered daily to your inbox.

    See details+

    Unlimited online access including all articles, multimedia, and more

    The Download newsletter with top tech stories delivered daily to your inbox

/3
You've read of three free articles this month. for unlimited online access. You've read of three free articles this month. for unlimited online access. This is your last free article this month. for unlimited online access. You've read all your free articles this month. for unlimited online access. You've read of three free articles this month. for more, or for unlimited online access. for two more free articles, or for unlimited online access.