Flame disguised itself as a Windows update

John Moe Jun 5, 2012

You know those heist movies where the thieves dress up as security guards or cops in order to pull off the big job? Well, if all those characters were lines of computer code, that’s essentially how the Flame worm was able to travel around from machine to machine. Turns out Flame had obtained fake Microsoft security certificates that allowed it to pass itself off as an official Microsoft security update, even though it was ANYTHING BUT.


From Fox News:


“We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft,” the company said in its security blog.


The company responded to the discovery by advising customers how to block such malware, releasing a security update to fight it and updating its licensing service to reduce the risk of similar cybertattacks in the future.

So Microsoft’s response is, pretty much, “Yes yes, but trust us THIS time. Good luck with that.


Marketplace is on a mission.

We believe Main Street matters as much as Wall Street, economic news is made relevant and real through human stories, and a touch of humor helps enliven topics you might typically find…well, dull.

Through the signature style that only Marketplace can deliver, we’re on a mission to raise the economic intelligence of the country—but we don’t do it alone. We count on listeners and readers like you to keep this public service free and accessible to all. Will you become a partner in our mission today?

Your donation is critical to the future of public service journalism. Support our work today – for as little as $5 – and help us keep making people smarter.