Attackers try to wipe Flame virus from infected computers

June 8, 2012 12:21 PM PT

This article was originally on a blog post platform and may be missing photos, graphics or links. See About archive blog posts.

After news raced across the world last week of the powerful and intrusive Flame virus, the unknown attackers behind the cyber threat have tried to wipe it from infected computers.

Purging the virus is believed to be a bid to prevent victims from finding out their data was stolen. The massive and complex virus is in the hands of computer experts who are analyzing the code, trying to figure out how to protect computers from the malware.

“They’re trying to cover their tracks in any way they can,” said Vikram Thakur, principal security response manager at Symantec, a computer security company. “What’s very interesting is that they were willing to take the risk of connecting to the servers, which could be watched.”

“They threw caution to the wind,” Thakur said.

Late last week, a command was sent out designed to strip Flame from machines linked to some of the remaining working servers, overwriting the disks with gibberish to erase all traces of the infection, Symantec found. It detected the cleanup with a “honeypot,” a computer infected with Flame that reaches out to controlling servers and waits for commands.

It’s unclear exactly how many computers were cleaned. The cleanup command was created a few weeks before news of the Flame virus hit the media. ‘They know they’re being watched,’ Thakur said.

Experts say the powerful virus, first discovered by computer experts at the Kaspersky Lab headquartered in Moscow, is the most sophisticated malware ever seen. It sucks up information by stealing data, reading emails, capturing passwords and even recording sounds around the computer. The information is then funneled to a remote server -- a kind of dropbox for the pilfered data.

The virus struck computers across the Middle East and Europe and seems to have hit Iran hardest, fueling suspicions that Israel or the United States was behind it. The United Nations telecommunications chief told the BBC this week that “all indications” were the virus was crafted by a country, but he didn’t suspect the U.S.

‘Flame’ cyber-attack in Middle East raises whodunit questions

Russia computer experts who detected Flame malware issue warning

-- Emily Alpert in Los Angeles

/ Agence France-Presse/Getty Images

World Now

Attackers try to wipe Flame virus from infected computers

Major Supreme Court case could upend California’s homelessness policies

‘The fairy dust fades away’: Why the people who play Disneyland’s costumed characters are unionizing

Influential L.A. rabbi calls it a ‘just war’ but mourns the loss of innocent lives in Gaza

A ‘cold-blooded killer’ called Smiley haunted L.A. for 14 years. How he finally faced justice

Opinion: USC got it wrong in canceling valedictorian’s speech. Here’s what the school should do now