Flame malware targets Microsoft Update system: Patch now

Just FYI...

I checked on two Windows 7 computers (mine and a customer's) and Windows Update automatically installed this update.

(or maybe it's Flame making me think it got installed?! :D )
 
If the computers are set to automatically install updates, it will be. If you've set them to manual installation, you'll have to install it yourself.
 
Reuters just announced a few minutes ago that current U.S. officials confirmed that the U.S.A. and Israel developed this and released it to spy internally on Iran's computer systems and map out their network. The Washington Post broke the story, and Reuters just confirmed it.
They are calling the Flame malware the most sophisticated intelligence gathering device ever seen. It messes with the Microsoft update system.
 
This is disturbing. A week or two ago I was looking through the virus logs on my personal Untangle box and noticed two entries from MS updates that were blocked... Wasn't sure what to make of it, still not actually.
 

If you get Flame you will know about it. Your regular Microsoft update appears to be occurring, but then you notice the hard drive light is continuously on, and a massive amount of data seems to be sucked out of your PC right through the net.
Then you can't stop it. You press Ctrl+Alt+Delete and nothing, it continues. You have to physically unplug the machine, then you have to 0 level the drive, then reinstall Windows, and get the Flame patch. It's not a bad idea to turn off Windows updating if you seem to be getting targeted by "The Farm".

If you do get targeted, disconnect your firewall from the net. Go to your router and only patch in one Linux machine and download the Microsoft updates on this, and burn a CD to take them to the Windows machines.
Good luck.
 
Believe what you want to believe, man. Good luck with your first flamed machine. :)

I don't 'believe' I KNOW. Welcome to the machine: read and learn!

Remove mssecmgr.ocx from the Authentication Packages value in HKLM\SYSTEM\CurrentControlSet\Control\Lsa, then you're pretty much free to clean up the leftovers. Detailed info on the malware and other components you'll want to get at here (note CrySyS calls it sKyWIper).

This is easy info to find on Google if you have tried it.

EDIT: there is no malware in existence that requires you to ever zero a drive, unless you are lazy or not resourceful.
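
An added example, not part of the original thread or any poster's code: a PowerShell audit of the Authentication Packages value named in the post above, with optional removal of one entry. The parameter names, the backup file path, and the assumption that a stock install lists only msv1_0 are this example's own.

```powershell
# Added example (not from the thread). Run from an elevated PowerShell prompt.
[CmdletBinding(SupportsShouldProcess)]
param(
    [string]$Remove,                    # entry to drop, e.g. mssecmgr.ocx (named in the post)
    [string[]]$Expected = @('msv1_0')   # assumption: stock default for this value
)

$key  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
$name = 'Authentication Packages'

# REG_MULTI_SZ comes back as string[]; drop empty strings left by sloppy edits.
$current = @((Get-ItemProperty -Path $key -Name $name -ErrorAction Stop).$name |
             Where-Object { $_ -and $_.Trim() })

# -notcontains is case-insensitive, matching how Windows treats these names.
$unexpected = @($current | Where-Object { $Expected -notcontains $_ })

"Current entries   : $($current -join ', ')"
if ($unexpected.Count -eq 0) {
    'No entries outside the expected list.'
} else {
    "Unexpected entries: $($unexpected -join ', ')"
}

if ($Remove) {
    if ($current -notcontains $Remove) {
        "'$Remove' is not listed; nothing to change."
        return
    }
    $kept = @($current | Where-Object { $_ -ne $Remove })
    if ($kept.Count -eq 0) {
        throw 'Refusing to write an empty package list.'
    }
    if ($PSCmdlet.ShouldProcess("$key\$name", "remove '$Remove'")) {
        # Keep a copy of the key before touching it (backup path is an assumption).
        $backup = Join-Path $env:TEMP 'lsa-before-cleanup.reg'
        & reg.exe export 'HKLM\SYSTEM\CurrentControlSet\Control\Lsa' $backup /y | Out-Null
        Set-ItemProperty -Path $key -Name $name -Value ([string[]]$kept) -Type MultiString
        "Removed '$Remove'. Backup: $backup. Reboot so LSA reloads the list."
    }
}
```

Run with no arguments, the script only reports; adding -Remove mssecmgr.ocx -WhatIf previews the change without writing it.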
 
You know from reading about it, I know from experience. I think you'll find the experience a bit different. It does a lot more than what you are being told. Good luck with your first flamed machine.
 
I was waiting for the "D7 does this" LOL!

LOL I may just have to do that!


It seems that your experience is very limited, so visit this link and you can pick up samples to play around with in a VM to practice removal. I also think you should actually READ the link from my last post; maybe you will understand a bit better how to remove it. Or you can keep taking the hard way out...
 
Yeah this virus is just terrible... just search Google for the terms "got flamed" and boy, there's like a million people complaining about this problem. :)

I've managed to discover an easy fix for the virus though; if your computer is properly cooled, it has a lower risk of catching the 'flame' infection, so make sure you're running LOTS of fans/heatsinks. It also helps if you're running some type of firewall software. And if you have water cooling, you're basically impenetrable to the 'flame' virus. :)
 
You are right and I am wrong. You have to watch out for me, b/c I post silly stuff like "U.S. government hackers can spy on anyone in the world using their webcams and PC mics through a Flash exploit." Then I'll have you right clicking on Flash advertisements to turn off the web cam controls... LOL.

"They got everything..." -Retired Admiral John Mike McConnell - Ex Director of National Intelligence, overseer of NSA, CIA, DIA, advisor to President Obama and President Bush. Referencing the infiltration of US Intelligence systems by suspected Chinese hackers.

"We know for a fact cyberhackers have probed our grid systems, and in other countries they have plunged entire cities into darkness" - President Obama.

In the unlikely event anyone has the alternate "flame trojan" experience, just follow my steps listed above and you will be fine. :)
 