Crypto Attack Flame Smart Cyber Attacker

“Attackers behind espionage software that infected Iranian computers targeted hard-to-exploit weaknesses in a cryptographic algorithm, a feat that allowed them to counterfeit a Microsoft digital credential, a member of the company’s security team said.

Details of the “cryptographic collision attack,” which came in a blog post published Monday afternoon, are the latest testament to the skill and sophistication that went into engineering the Flame malware. While theoretical, collision exploits in real-world attacks are virtually unheard of. As a 2008 attack on the MD5 cryptographic algorithm demonstrated, collision attacks require huge amounts of computing power, even when exploiting decades-old hashing functions. To pull it off, researchers had to wield the power of 200 PlayStation 3 gaming consoles.”

See the rest of this exciting bit of news at Ars Technica

Share via social networks.