Slide Show: Top 10 Malware Advances In 2012
Blackhole's business model, Flashback's Mac fetish, ransomware's resurgence with Reveton, and Gauss' ability to guard against analysis among the game-changers this year
Stuxnet set the bar for an advanced cyberweapon, with its ability to penetrate an air-gapped network, find systems controlling uranium-processing centrifuges, and physically destroy the hardware. Similarly, Flame sets the bar for a sophisticated cyberespionage operation, Kaspersky's Schouwenberg says.
The malware, first reported in May, could spread within a network using the Windows update mechanism, a first for a malicious program. In addition, the attackers had found a way to generate a code-signing MD5 hash that exactly matched one used by Microsoft, allowing the program to bypass most security software. Once on a system, it would steal as much information as possible, using USB drives to exfiltrate data from computers not connected to the Internet.
"Overall, the quality is probably the best that we've seen--the same or a bit above Stuxnet even," Schouwenberg says. "Being able to spread via Windows update blows everything out of the water."
Graphic: OpenDNS