FlameãŒä¸–ç•Œæœ€é«˜æ°´æº–ã®æŠ€è¡“ã«ã‚ˆã‚‹ã‚µã‚¤ãƒãƒ¼å…µå™¨ã§ã‚ã‚‹ã“ã¨ã‚’è¨¼æ˜Žã™ã‚‹æ©Ÿèƒ½ãƒªã‚¹ãƒˆ

f-secureãŒFlameã®å‡„ã•ã‚’æŒ‡æ‘˜ã—ã¦ã„ã‚‹ï¼š
http://www.f-secure.com/weblog/archives/00002383.html

ãƒ¦ãƒ¼ã‚¶ç›£è¦–

keyloggerã¨screengrabberã‚’ã‚‚ã¤

æš—å·åŒ–é€šä¿¡

SSHã€SSLã€LUAãƒ©ã‚¤ãƒ–ãƒ©ãƒªã‚’è£…å‚™

ãƒ•ãƒ«ãƒ†ã‚ã‚¹ãƒˆç›£è¦–

ã‚ªãƒ•ã‚£ã‚¹ã€PDFã€Autodeskãƒ•ã‚¡ã‚¤ãƒ«ãªã©ã®ãƒ‰ã‚ãƒ¥ãƒ¡ãƒ³ãƒˆã‚’ãƒ‡ã‚£ã‚¹ã‚¯ãƒ»ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã§ç™ºè¦‹ã€ãƒ†ã‚ã‚¹ãƒˆã‚’æŠ½å‡ºã—ãã‚Œã‚’sqliteãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ã«ä¿å˜ã€‚

ç›—è´æ©Ÿèƒ½

ãƒžã‚¤ã‚¯ãƒãƒ•ã‚©ãƒ³ã‚’ã‚ªãƒ³ã«ã—ã¦ä¼šè©±ã‚’ã‚ªãƒ¼ãƒ‡ã‚£ã‚ªãƒ•ã‚¡ã‚¤ãƒ«ã¨ã—ã¦ä¿å˜ã€‚

åœ°åŸŸæƒ…å ±

ãƒ‡ã‚£ã‚¹ã‚¯ãƒ»ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ä¸Šã§ç”»åƒãƒ•ã‚¡ã‚¤ãƒ«ã‚’æŽ¢ã—ãã“ã‹ã‚‰GPSæƒ…å ±ã‚’æŠ½å‡ºã€‚ å†™çœŸãŒã¨ã‚‰ã‚ŒãŸå ´æ‰€ã‚’ä¿å˜ã€‚

é›»è©±ã‚‚

Bluetoothã§æŽ¥ç¶šã•ã‚ŒãŸã‚¹ãƒžãƒ›ã‹ã‚‰ã‚¢ãƒ‰ãƒ¬ã‚¹å¸³ã‚’ç›—ã¿å‡ºã™

éš”é›¢ã•ã‚ŒãŸãƒžã‚·ãƒ³ã‹ã‚‰ã‚‚â€¦

ã“ã®ã‚ˆã†ã«é›†ã‚ã‚‰ã‚ŒãŸæƒ…å ±ã¯æš—å·åŒ–ã•ã‚ŒãŸSQLiteãƒ‡ãƒ¼ã‚¿ãƒ™ãƒ¼ã‚¹ã¨ã—ã¦USBã‚¹ãƒ†ã‚£ãƒƒã‚¯ã«ä¿å˜ã•ã‚Œ ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã®ã‚ã‚‹ç’°å¢ƒã«è¾¿ã‚Šç€ã„ãŸã‚‰é€ã‚Šè¿”ã•ã‚Œã‚‹ã‚ˆã†ã«ãªã£ã¦ã„ã‚‹ã€‚ãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯ã¨æŽ¥ç¶šã•ã‚Œã¦ã„ãªã„ãƒã‚¤ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼ç’°å¢ƒã‹ã‚‰ã‚‚æƒ…å ±ã‚’ç›—ã¿å‡ºã›ã‚‹ã‚ˆã†ã«ãªã£ã¦ã„ã‚‹ã€‚

...

è¨¼æ˜Žæ›¸æ¤œè¨¼ã‚‚æ‰“ã¡ç ´ã‚‹

Microsoft Updateã‚’å‚å—ã™ã‚‹proxyã«ã‚ˆã‚Šãƒãƒƒãƒˆãƒ¯ãƒ¼ã‚¯å†…ã®ä»–ã®ãƒžã‚·ãƒ³ã‚’æ„ŸæŸ“ã€‚
Microsoft Terminal Server license certificatesã‚’æ‚ªç”¨ã™ã‚‹ã“ã¨ã«ã‚ˆã‚Šå½ã®ã‚¢ãƒƒãƒ—ãƒ‡ãƒ¼ãƒˆã‚’æé€
ç‹¬è‡ªã®ã‚»ã‚ãƒ¥ãƒªãƒ†ã‚£ãƒ¼ç ”ç©¶ã«ã‚ˆã‚ŠMD5ãƒãƒƒã‚·ãƒ¥ã®è¡çªã‚’ä½œã‚Šå‡ºã™æ–¹æ³•ã‚’ç™ºè¦‹ã€‚ã“ã‚Œã«ã‚ˆã‚Šæ–°åž‹ã‚¦ã‚¤ãƒ³ãƒ‰ãƒ¼ã‚ºã‚’ã‚‚é¨™ã™å½certificateã‚’ä½œã‚Šã ã™ã€‚
- http://trailofbits.files.wordpress.com/2012/06/flame-md5.pdf

ä¸Šè¨˜ã®å·¥ä½œã¯ã‚¹ãƒ¼ãƒ‘ãƒ¼ã‚³ãƒ³ãƒ”ãƒ¥ãƒ¼ã‚¿ã‚’ä½¿ã„ã“ãªã™ã“ã¨ãŒå‰æã¨ãªã‚‹ã€‚ã“ã®ã‚ˆã†ãªé«˜åº¦ãªå›½å®¶ãƒ¬ãƒ™ãƒ«ã®ã‚¹ãƒ‘ã‚¤æ´»å‹•ãŒ2010å¹´ã‹ã‚‰è¡Œã‚ã‚Œã¦ã„ã‚‹ã“ã¨ã«ãªã‚‹ã€‚2010ãŒã‚µã‚¤ãƒãƒ¼æˆ¦äº‰å…ƒå¹´ã¨ã„ã†ã“ã¨ã«ãªã‚‹ã€‚

ãƒ¦ãƒ¼ã‚¶ç›£è¦–

æš—å·åŒ–é€šä¿¡

ãƒ•ãƒ«ãƒ†ã‚­ã‚¹ãƒˆç›£è¦–

ç›—è´æ©Ÿèƒ½