Kaspersky Lab reveals its Research
VARINDIA- INDIA'S FRONTLINE IT MAGAZINE
The research conducted by Kaspersky Lab experts on the discovery of the Flame malware in May 2012 has revealed that the most complex cyberweapon to date. At the time of its discovery, there was no strong evidence of Flame being developed by the same team that delivered Stuxnet and Duqu.
The earliest known version of Stuxnet, contains a special module known as “Resource 207”. In the subsequent 2010 version of Stuxnet, this module was completely removed.
The "Resource 207" module is an encrypted DLL file and it contains an executable file that's the size of 351,768 bytes with the name "atmpsvcn.ocx". This particular file, as it is now revealed by Kaspersky Lab's investigation, has a lot in common with the code used in Flame. The list of striking resemblances includes the names of mutually exclusive objects, the algorithm used to decrypt strings, and the similar approaches to file naming.
Alexander Gostev, Chief Security Expert, Kaspersky Lab, said, "Despite the newly discovered facts, we are confident that Flame and Tilded are completely different platforms, used to develop multiple cyberweapons. They each have different architectures with their own unique tricks that were used to infect systems and execute primary tasks. The projects were, indeed, separate and independent from each other. However, the new findings that reveal how the teams shared source code of at least one module in the early stages of development prove that the groups cooperated at least once. What we have found is very strong evidence that Stuxnet/Duqu and Flame cyberweapons are connected."
For More Details See
www.varindia.com