Codebreaker

Flame disguised itself as a Windows update

John Moe Jun 5, 2012

You know those heist movies where the thieves dress up as security guards or cops in order to pull off the big job? Well, if all those characters were lines of computer code, that’s essentially how the Flame worm was able to travel around from machine to machine. Turns out Flame had obtained fake Microsoft security certificates that allowed it to pass itself off as an official Microsoft security update, even though it was ANYTHING BUT.

 

From Fox News:

 

“We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft,” the company said in its security blog.

 

The company responded to the discovery by advising customers how to block such malware, releasing a security update to fight it and updating its licensing service to reduce the risk of similar cybertattacks in the future.

So Microsoft’s response is, pretty much, “Yes yes, but trust us THIS time. Good luck with that.

 

We’re here to help you navigate this changed world and economy.

Our mission at Marketplace is to raise the economic intelligence of the country. It’s a tough task, but it’s never been more important.

In the past year, we’ve seen record unemployment, stimulus bills, and reddit users influencing the stock market. Marketplace helps you understand it all, will fact-based, approachable, and unbiased reporting.

Generous support from listeners and readers is what powers our nonprofit news—and your donation today will help provide this essential service. For just $5/month, you can sustain independent journalism that keeps you and thousands of others informed.