Flame creators make virus commit ‘suicide'

The creators of the world's most complicated espionage virus, Flame, have sent a ‘suicide' command that removes it from some infected computers.

Security firm Symantec caught the command using booby-trapped computers set up to watch Flame's actions.

Like other security firms, Symantec has kept an eye on Flame using so-called ‘honeypot' computers that report what happens when they are infected with a malicious program.

According to Symantec, the ‘suicide' command was “designed to completely remove Flame from the compromised computer,” the BBC reports.

The command located every Flame file sitting on a PC, removed it and then overwrote memory locations with gibberish to thwart forensic examination. “It tries to leave no traces of the infection behind,” Symantec wrote on its blog.

Flame came to light last week after the U.N.'s telecom body asked for help in spotting a virus found stealing data from many PCs in the Middle East. Analysts who have investigated the virus said Flame, also called Skywiper, was one of the most complex computer espionage threats ever seen.

Recommended for you
This article is closed for comments.
Please Email the Editor

Printable version | Oct 1, 2020 8:08:24 AM |

Next Story