11 Jun Virus News: Resource 207: Kaspersky Lab Research Proves that Stuxnet and Flame Developers are Connected
Discovery of the Flame malware in May 2012 revealed the most complex cyber-weapon to date. At the time of its discovery, there was no strong evidence of Flame being developed by the same team that delivered Stuxnet and Duqu. The development approach of Flame and Duqu/Stuxnet was different as well, which lead to the conclusion that these projects were created by separate teams. However, the following in-depth research, conducted by Kaspersky Lab experts, reveals that these teams in fact cooperated at least once during the early stages of development.Quick FactsKaspersky Lab discovered that a module from the early 2009-version of Stuxnet, known as “Resource 207,” was actually a Flame plugin.This means that when the Stuxnet worm was created in the beginning of 2009, the Flame platform already existed, and that in 2009, the source code of at least one module of Flame was used in Stuxnet.This module was used to spread the infection via USB drives. The code of the USB drive infection mechanism is identical in Flame and Stuxnet.The Flame module in Stuxnet also exploited a vulnerability which was unknown at the time and which enabled escalation of privileges, presumably MS09-025.Subsequently, the Flame plugin module was removed from Stuxnet
07 Jun Virus News: Kaspersky Lab Experts Provide In-Depth Analysis of Flame’s C&C Infrastructure
On May 28, 2012 Kaspersky Lab announced the discovery of a highly sophisticated malicious program, known as Flame, which was actively being used as a cyber weapon targeting entities in several countries

America:

Western Europe:

Eastern Europe:

Middle East & Africa

Asia & Pacific

Virus News

Resource 207: Kaspersky Lab Research Proves that Stuxnet and Flame Developers are Connected

Kaspersky Lab Experts Provide In-Depth Analysis of Flame’s C&C Infrastructure