Blackhole's business model, Flashback's Mac fetish, ransomware's resurgence with Reveton, and Gauss' ability to guard against analysis among the game-changers this year

Dark Reading Staff, Dark Reading

December 7, 2012


Stuxnet set the bar for an advanced cyberweapon, with its ability to penetrate an air-gapped network, find systems controlling uranium-processing centrifuges, and physically destroy the hardware. Similarly, Flame sets the bar for a sophisticated cyberespionage operation, Kaspersky's Schouwenberg says.

The malware, first reported in May, could spread within a network using the Windows update mechanism, a first for a malicious program. In addition, the attackers had found a way to generate a code-signing MD5 hash that exactly matched one used by Microsoft, allowing the program to bypass most security software. Once on a system, it would steal as much information as possible, using USB drives to exfiltrate data from computers not connected to the Internet.

"Overall, the quality is probably the best that we've seen--the same or a bit above Stuxnet even," Schouwenberg says. "Being able to spread via Windows update blows everything out of the water."

Graphic: OpenDNS
