Flame malware makers send 'suicide code' to infected computers
9th Jun 2012 | 21:09
Code removes all traces of tracking virus
The makers of the Flame computer virus have sent the malware a self-destruct code to remove it from infected machines.
Flame caused alarm last month after it was revealed to be stealing information from specifically targeted machines in the Middle East and North Africa, but mainly in Iran and Israel.
Over 600 machines are believed to have been infected, but after its presence was discovered by Russian security firm Kapersky, it appears the architects of the attack are now trying to cover their tracks.
Analysts at Symantec have been analysing the complex virus using 'honeypot' machines and reckon the 'suicide code' will now remove all traces of Flame's presence from infected machines.
"They're trying to cover their tracks in any way they can," said the company's principal security response manager Vikram Thakur.
"What's very interesting is that they were willing to take the risk of connecting to the servers, which could be watched."
The nature of the virus and the way it targeted machines in specific locations led many analysts to believe that a nation state is responsible for the Flame attack