EFY Times  
Saturday, May 25, 2013

 
GO
Flame Existed Before Stuxnet; Both Are Related!
 
Home >> Infotech >> Trends
 
 

Flame Existed Before Stuxnet; Both Are Related!

The Flame platform already existed when Stuxnet was created in early 2009. The under cover 'resource 207' links Flame to Stuxnet.

In-depth research, conducted by Kaspersky Lab's experts, has revealed that Stuxnet and Flame are connected to each other in early development stage. "By the time Stuxnet was created in early 2009, the Flame platform was already in existence. The Stuxnet code of 2009 used a module built on the Flame platform, probably created specifically to operate as part of Stuxnet," said Aleks Gostev, chief security expert, Global Research and Analysis Team, Kaspersky Lab.

The Flame cyber espionage worm affected major Middle East countries like Iran, Lebanon, Syria, Israel, Sudan, Egypt and Saudi Arabia. Previously EFYTimes.com had reported that Flame was a new species of cyber weapon that took birth recently, but research reveals that Flame is much more complex than Duqu and after 2009, the evolution of the Flame platform continued independently from Stuxnet.

Experts from Kaspersky Lab found out the main differences in the three different variants of the Stuxnet worm, created in June 2009, and in March and April 2010. Firstly, the 2009 variant didn't use the MS10-046 LNK file vulnerability. Secondly, in 2009, Stuxnet only had one driver file; in 2010 there were two (the second was added specifically to work with the LNK vulnerability). Finally, Stuxnet used a special trick with the 'autorun.inf' file to infect USB drives.

All the other differences involve minor modifications to Stuxnet's internal structure – some modules were deleted and their functions transferred to other modules. The most significant of those changes involved 'resource 207'. Resource 207 is 520,192 bytes in size and can be found in the 2009 version of Stuxnet. It was later dropped altogether in the 2010 version, when its code was merged into other modules.

Map of resources in Stuxnet 2009

"In October 2010, our automatic system received a sample and on inspection it was classified as a new Stuxnet variant, Worm.Win32.Stuxnet.s. With Stuxnet being such a big thing, we looked at the sample to see what it was! Sadly, it didn't look like Stuxnet at all, it was quite different. So we decided to rename it to Tocy.a and thought. When Flame was discovered in 2012, we started looking for older samples that we might have received. Between samples that looked almost identical to Flame, we found Tocy.a," said Gostev.

"Going through the sample processing system logs, we noticed it was originally classified as Stuxnet. Checking the logs, we discovered that the Tocy.a, an early module of Flame, was actually similar to 'resource 207' from Stuxnet. It was actually so similar, that it made our automatic system classify it as Stuxnet. Practically, Tocy.a was similar to Stuxnet alone and to no other sample from our collection. This is how we discovered the incredible link between Flame and Stuxnet," added Gostev.

-Debashis Sarkar

  
 
Rate this news:  (0 Votes)




Print Email Comment 
(Total Views: 681)
Share
 
 
Infotech News
   
What's New In The Xbox 'One' Console
Intel's New Chip Will Improve Battery Life Of Laptops
Sacked iGate CEO Calls Roiz’s Charges As 'An Attempt At Extortion'
Google Sends Out Glass Invites To Non-Developers
Apple Needs iOS 7 To Catch Up With Google
 
Most popular
 
 
 
 
Features
How Does Micromax Canvas 2 Plus Compare Against Canvas 2?
The company's high-selling Canvas 2 smartphone was recently upgraded with better hardware. ...
Here's All About Phaneesh Murthy, iGate's Sacked CEO
A brilliant technology businessman, a philanthropist and a man of controversies. Here's all what you want to know about Phaneesh Murthy, the recently ...
 
  View All
Dialogue
 
“Open Source Technology Will Bring In A Services-Based Model With A Reasonable Opex, Zero Capex”
myOpenSourceStore.com is an open source solutions provider catering to businesses worldwide. ...
How OSS Helped A Construction Company Almost Halve Its IT Budget!
SEW Infra has been able to save nearly 40 per cent of its IT budget by deploying open source solutions....
Face To Face With Richard Stallman
The father of the free software movement, Richard M. Stallman talks on topics including why ‘Free Software’ matters so much, the entire confusion crea...
“We See India As Our Top Priority And Believe It To Be A Fascinating Market”
In an exclusive interview with EFY, Yamashita talks about the potential market in India, and Fujitsu’s marketing strategy to explore it....
Indian Market Is A Quality Conscious Market And The Customers Pay The Price For Quality
In an exclusive interview with EFY, Hidekazu Katsuno, president, ROHM Semiconductor Singapore Pte Ltd, talks about the company's strategy to capture t...
   
  View All
Daily App Review
 
Daily App Review: Waze-GPS & Traffic (iOS And Android)
Yes, we have maps and we have step-by-step navigation. But getting traffic details remains a pain in India. Unless you happen to be using Waze....
Daily App Review: Everything.me (Android And iOS)
It runs totally off the Web, needs no installation whatsoever, and does what is unthinkable to many people--gives Google and Bing a run for their mone...
Daily App Review: Discovr People (iOS)
So you have joined Twitter and have no idea about whom to follow. Don't worry, there's an app for that. ...
Daily App Review: Angry Birds Space (Android And iOS)
The flingable fowls are back. And this time, Rovio has finally added a new spin to the game, with some help from gravity. ...
Daily App Review: Nokia Drive 2.0 (Windows Phone)
One of the best navigation apps we have ever seen on a handset can now work in offline mode too. Yep, you can now get directions without a network con...
Daily App Review: Draw Something Free (Android And iOS)
Almost like clockwork, every few months there comes along an app that surprises everyone (including those who love it) by becoming a sensation. Angry ...
Daily App Review: Songify For iOS
Just speak normally. And this app will turn it into a song, complete with music. For free. ...
Daily App Review: Creative Studio (Lumia 800 And 710)
Windows Phone users--or at least those that have a Nokia Lumia 800 or Lumia 710--will be delighted at the news that Nokia has released a free image tw...
Daily App Review: Price of Persia Classic HD (iPad)
You can divide the world into two categories--those have played Prince of Persia and those who do not like playing videogames. And now the classic ver...
Daily App Review: Waze-GPS & Traffic (iOS And Android)
Yes, we have maps and we have step-by-step navigation. But getting traffic details remains a pain in India. Unless you happen to be using Waze....
Daily App Review: PressReader (iPad And Honeycomb)
It was one of the tech fantasies promised to us by sci-fi films--wake up in the morning and you will get the newspaper on a gadget that just needs to ...
Daily App Review: Pixlr-o-matic (Android)
You can say that there are two kinds of people who play around with photo apps on Android--those who keep asking for Instagram for Android and those w...
Daily App Review: Parking Frenzy 2.0 For Android
It is not often that you see Indian games shooting to the top of the popularity lists in the Android Market. Well, Parking Frenzy has managed to do ju...
Daily App Review: Klik For iPhone
Among all the gadgetry on display in Mission Impossible IV, perhaps the most striking was an iPhone app that could identify people who appeared on the...
Daily App Review: Dolphin Browser 7.4 HD (Android)
Dolphin HD, one of the most popular third-party browsers on Android, has just got an update. And with it comes voice recognition. ...
Daily App Review: Clear (iPhone And iPod touch)
Once in a while there comes along an app that some dismiss as being not useful enough, but which still gets downloaded by the thousands because the li...
   
 
Comments
 
Pramod said:   "The actual picture of the product ..." on Panasonic Develops Solar Lanterns ... '
Pramod said:   "Dear DK DhirIts not any one such ..." on Panasonic Develops Solar Lanterns ... '
Events
 
12 Nov: LASER World Of PHOTONICS INDIA

View All
   
   
 
 

home archives contact us advertise with us
           
Magazines Portals Directories Events News Verticals Educational Institute  
Electronics for You
LINUX for You
Facts for You
Electronics Bazaar		 electronicsforu.com
efytimes.com
bpotimes.com
linuxforu.com		 Electronics Annual Guide
 EFY EXPO
EFY Awards
EduTech Expo
OSIWEEK Expo 		Electronics
Infotech
Linux & Open Source
Consumer Electronics
Science & Technology
BPO		 EFY Techcenter 
 
 
© Copyright 2013 EFY Enterprises Pvt. Ltd.
All rights reserved. Reproduction in whole or in part in any form or medium without written permission is prohibited.
Usage of the content from the web site is subject to Terms and Conditions