Tuesday, June 12, 2012

The Flame inside Stuxnet

taken from TechDigest
"Two weeks ago, when we announced the discovery of the Flame malware we said that we saw no strong similarity between its code and programming style with that of the Tilded platform which Stuxnet and Duqu are based on.

Flame and Tilded are completely different projects based on different architectures and each with their own distinct characteristics. For instance, Flame never uses system drivers, while Stuxnet and Duqu’s main method of loading modules for execution is via a kernel driver.

But it turns out we were wrong. Wrong, in that we believed Flame and Stuxnet were two unrelated projects.

Our research unearthed some previously unknown facts that completely transform the current view of how Stuxnet was created and its link with Flame."

(by Alexander Gostev, Kaspersky Lab Expert, at SecureList)


More:

  • Back to Stuxnet: the missing link (SecureList)
  • Researchers Say Flame and Stuxnet Share Common Authors (Slashdot.org)
  • Kaspersky discovers link between Stuxnet and Flame (Tweakers.net)
