Flame malware: So big, so overlooked

The most "complex malware ever found" -- Flame -- has taken the information security world by surprise. Given that it is said to have been around for years, how did everyone miss it?

Several security research firms, including Symantec, Kaspersky, and McAfee, have been hard at work analyzing a specific piece of malware in the past few days after the Iranian Computer Emergency Response Team posted an alert about malicious code designed to steal and exfiltrate information from infected computers back to a network of at least 10 command and control servers.

However, as Budapest University's Laboratory of Cryptography and System Security (Crysys) reported in its analysis of the malware, it "may have been active for as long as five to eight years." Crysys also reported that the malware's footprint is massive -- some 20MB -- in stark contrast to traditional malware, which attempts to keep as low a profile as possible to avoid detection. Furthermore, the malware appears to regularly send out information to command and control servers, which should have raised the concerns of a discerning network administrator.

But despite these apparent red flags, the Flame war didn't heat up until just recently.

Read more of "How did everyone miss Flame?" at ZDNet Australia.
