Flame Malware Network Based On Shadowy Domains, Fake Names

June 04, 2012 By Ali Loney

1 minute read time

CNET News – (International) Flame malware network based on shadowy domains, fake names. The Flame malware used domain names registered with fake names to communicate with infected computers in the Middle East for at least 4 years, researchers said June 4. Someone began creating the 86 domains and more than 24 IP addresses that host the command-and-control (C&C) servers as early as 2008, using fake identities and addresses in Austria and Germany to register them with GoDaddy and others, a senior researcher at Kaspersky Lab said. He speculated that stolen credit cards were used for the transactions. The IP addresses point to hotels, doctor’s offices, and other non-existent businesses, while the C&C servers are located in Germany, the Netherlands, the United Kingdom, Switzerland, Hong Kong, Turkey, Poland, and Malaysia, according to Kaspersky.

Source: http://news.cnet.com/8301-1009_3-57446652-83/flame-malware-network-based-on-shadowy-domains-fake-names/

Tags: security, AppSec Spotlight

Written by Ali Loney

Ali Loney is a Senior UX Designer at Walmart Labs. She is based in Canada and was the former Graphic Designer at Sonatype.