Hackers Fake Microsoft Update; Spread Malware
Cyber-crooks have reportedly used fake Microsoft credentials to spread the new Flame malware. In response, Microsoft has issued an 'emergency security advisory', along with a guide telling people how to protect their computer systems and networks.
The Flame virus is a bit unusual, in that it is designed to steal data rather than corrupt or take down computer systems.
Described by researchers at Kaspersky Lab as a "complete attack toolkit," the Flame virus is considered by many to be an even bigger security threat than the massive Stuxnet worm, which it closely resembles.
Flame Masquerades as Legitimate Microsoft Code
Although it was dangerous before, Flame now poses an even bigger risk. The cybercriminals behind it have successfully configured their virus to use legitimate Microsoft credentials to help it slip under network defenses.
In a recent post on the Microsoft Security Response Center blog, Microsoft stated: "We have discovered through our analysis that some components of the malware have been signed by certificates that allow software to appear as if it was produced by Microsoft." (Source: pcmag.com)
Experts believe that the people behind Flame have found and exploited a new flaw in the Terminal Server Licensing Service used by many IT administrators to authorize Remote Desktop services on Windows-based networks.
Because most IT systems accept legitimate Microsoft code by default, the Flame virus -- which can now appear legit to network defenses -- is often accepted and passed through to vulnerable computer data and systems.
Microsoft Sends Emergency Security Advisory
To combat this new danger, Microsoft has now released an Emergency Security Advisory that explains in great detail exactly how IT administrators can block any of Flame's rogue security certificates from gaining unauthorized access to networks.
But for some IT administrators, this may be too little, too late. nCircle security expert Andrew Storms warns that the "discovery of a bug that's been used to circumvent Microsoft's secure code certificate hierarchy is a major breach of trust," and points out that "it's a big deal for every Microsoft user." (Source: pcworld.com)
However, Flame is a highly targeted form of malware, so the systems of most home users are not likely to be targeted by those who designed this potent virus.
Storms believes the sophisticated nature of Flame's most recent attack lends weight to the theory that the hackers behind it represent a nation-state, meaning they may have the financial backing of a powerful government.
Free eBook: Getting Started: Your Guide to Windows 8. Windows 8 is arguably Microsoft's most daring Windows Operating system to date. Featuring an unusual tile-based Start screen that's optimized for touchscreen devices, Windows 8 is now available on all new computers, laptops and ultrabooks, and hybrid tablets. Whichever device you use Windows 8 on, you'll need to know a few things. First, how are you going to get the data from your current operating system to the new one? Second, you'll probably be wondering where Windows desktop has gone. Finally, you might be wondering: why did Microsoft remove the Start menu? This eBook answers all those questions, and more. Click here to download this eBook now! Note: this eBook is free, but registration is required; after that, you can select more ebooks and videos for download without registering again. If you have questions / problems with the registration form, please read this.