skywiper aka. Flamer

Discussion in 'Prevx Releases' started by szaki2, May 29, 2012.

Thread Status:
Not open for further replies.
  1. szaki2

    szaki2 Registered Member

    Joined:
    Apr 20, 2012
    Posts:
    29
    Location:
    Hungary
    Wsa Detect and remove this? Every big player on market release analysis for this. Webroot do that?
     
  2. fax

    fax Registered Member

    Joined:
    May 30, 2005
    Posts:
    3,726
    Location:
    localhost
    Guess so by now as they have some of the files in their records starting back from 2007. They should have a good overview of the infection and components breakdown.
     
  3. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    See my response:

    http://www.reuters.com/article/2012/05/28/net-us-cyberwar-flame-idUSBRE84R0E420120528

     
  4. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Thanks for the information Joe! ;)

    Daniel
     
  5. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
  6. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    You have been a very busy man today Joe! :D

    Daniel
     
  7. superssjdan

    superssjdan Registered Member

    Joined:
    Dec 11, 2011
    Posts:
    148
    Location:
    USA
    You sure have been a busy man.You can tell Joe is a man with the utmost personal and professional integrity.Already Kaspersky,Symantec,Mcafee and others are using this much ado about nothing and blowing it up most likely as a means to push their software.They make it sound like the antichrist has arrived.Simply pathetic.Glad Joe and the team at Webroot won't stoop that low,but instead give interviews that give us a better perspective of the depth of the threat.
     
  8. trjam

    trjam Registered Member

    Joined:
    Aug 18, 2006
    Posts:
    9,057
    Location:
    North Carolina
    I am very proud of you and impressed. Just watch about it here in the states on national news and got the feeling it was overblown. You are right on with your comments. :thumb:
     
  9. SweX

    SweX Registered Member

    Joined:
    Apr 21, 2007
    Posts:
    6,429
    That's nice Joe. You always knows your stuff and should always be treated with respect :isay: :thumb:

    Not that it matters but 2007 you say, at that time you worked at Prevx and Webroot was it's own company. So are you saying that you first saw "flamer" in the Prevx cloud userbase in 2007? :doubt:
     
  10. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Yes, exactly.

    Thanks everyone! This will be continuing tomorrow I suspect, as I've just finished several more interviews this evening. I'll keep everyone updated here as I see them posted.
     
  11. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    Thank you! :)
     
  12. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
    Very true that's why I get upset when Flamer's come in here and disrespect Joe because he gives everything of himself to help any user if they have any issues and he gives it to you strait with no BS!

    TH

    c074.gif
     
  13. STV0726

    STV0726 Registered Member

    Joined:
    Jul 29, 2010
    Posts:
    900
    Hey Norton & McAfee:

    You didn't have to stoop so low!

    Now your just an AV that I'll never use!

    Gotye reference :D

    Anyway, thanks Joe. Can you be the best man at my wedding? I hold you in that high esteem.
     
  14. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    Whilst it's been noted Prevx first saw this in 2007, isn't there the possibility this "malware" can evolve over time? It's 5 years since that first "discovery".
     
  15. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    It's literally the exact same checksum as back then.
     
  16. The Seeker

    The Seeker Registered Member

    Joined:
    Oct 24, 2005
    Posts:
    1,100
    Location:
    Adelaide
    Some more from Joe on NPR.
     
  17. TonyW

    TonyW Registered Member

    Joined:
    Oct 12, 2005
    Posts:
    2,634
    Location:
    UK
    I do appreciate PrevxHelp's knowledge on this subject and I respect his expertise in this area. I do, however, also respect the views of Mikko Hypponen of F-Secure and Alexander Gostev of Kaspersky Labs.

    I don't suppose there is any right or wrong in this, but when I see an analysis as written by Gostev on the KL blog, I find it interesting to see the level of detail presented there.

    Even F-Secure has its own FAQ now. Interestingly, Mikko made this comment in one of his blog posts:
    Perhaps not in Prevx/Webroot's case in relation to Flamer. ;)
     
  18. Cutting_Edgetech

    Cutting_Edgetech Registered Member

    Joined:
    Mar 30, 2006
    Posts:
    4,950
    Location:
    USA
    Its good to see WSA (formerly Prevx) Cloud found it early on. That's what I like about cloud analysis. In many cases it finds malware much earlier than the rest. I believe the cloud will continue to play an important role in keeping up with the ever increasing amount of malware in the wild. WSA (Formerly Prevx) has been perfecting their cloud longer than the competition, and I believe their cloud is the most highly developed. It has been improved upon, and perfected for many years.
     
  19. Triple Helix

    Triple Helix Webroot Product Advisor

    Joined:
    Nov 20, 2004
    Posts:
    12,011
    Location:
    Ontario, Canada
  20. PrevxHelp

    PrevxHelp Former Prevx Moderator

    Joined:
    Sep 14, 2008
    Posts:
    8,242
    Location:
    USA/UK
    More ongoing coverage from the New York Times who I spoke with earlier: http://www.nytimes.com/2012/06/04/t...rom-kaspersky-a-computer-security-expert.html

     
  21. superssjdan

    superssjdan Registered Member

    Joined:
    Dec 11, 2011
    Posts:
    148
    Location:
    USA
    Thanks for sharing.Still suprises me all the press this is getting.Really liked the article actually.I'm sure certain vendors will be mentioning Flame in adverts for their 2013 editions.Kind of makes nautious.Kudos to you for sharing your thoughts with the world.Need an independant voice to temper the over the top paranoia.Hopefully more people get turned on to WSA through your exposure through all these interviews.Looking forward to the coming 2013 edition of WSA minus all the fluff etc. coming from the competition:D
     
  22. The Hammer

    The Hammer Registered Member

    Joined:
    May 12, 2005
    Posts:
    5,619
    Location:
    Toronto Canada
    They're starting to mention Flame in there 2012 products already.
     
Thread Status:
Not open for further replies.