Flame virus wiped out by its creators
2012.06.11 07:45 by Daniela
Tags: Flame, malware
Researchers have found that the Flame malware has initiated a self-destruct command that removes all traces of itself on infected machines that receive the instruction.
Flame has a built-in feature called SUICIDE that can be used to uninstall the malware from infected computers. However, its creators decided to distribute a different self-removal module to infected computers that connected to servers still under their control.
"This command was designed to completely remove Flamer," Symantec researchers wrote in a blog post. "The Flamer attackers were still in control of at least a few C&C servers, which allowed them to communicate with a specific set of compromised computers."
"The module contains a long list of files and folders that are used by Flamer. It locates every file on disk, removes it, and subsequently overwrites the disk with random characters to prevent anyone from obtaining information about the infection," says security company Symantec in a blog post.
Read more -here-