(Ping! Zine Web Tech Magazine) – In the wake of last’s week’s enormous ‘Flame’ virus revelation, there appears to be some rather fishy activity going on via the C&C servers of the virus’s administrators.
According to a post by Symantec, the control servers have sent “suicide” commands to infected systems, thus deleting the virus’s operation on those computers. Meanwhile, the security company referred to the new command as a type of “uninstaller.”
“It locates every file on disk, removes it, and subsequently overwrites the disk with random characters to prevent anyone from obtaining information about the infection,” commented the company via its official blog.
Looks like someone is trying to cover their tracks! When ‘Flame’ was discovered last week, Kaspersky Lab referred to it as “the most sophisticated cyber weapon yet unleashed.” It was capable of performing a number of secretive tasks such as key logging, screenshot taking and more. Kaspersky noted it was likely launched from a nation state.
The virus itself has most notably affected systems in the middle-eastern country of Iran. Meanwhile, Symantec provided a list of the deleted files initiated through the virus removal.