sinkhole

Flame malware network based on shadowy domains, fake names

The mysterious Flame malware used domain names registered with fake names to communicate with infected computers in the Middle East for at least four years, researchers said today.

Someone began creating the 86 domains and more than 24 IP addresses that host the command-and-control (C&C) servers as early as 2008, using fake identities and addresses in Austria and Germany to register them with GoDaddy and others, Roel Schouwenberg, senior researcher at Kaspersky Lab, said in a Web conference with reporters this morning. He speculated that stolen credit cards were used for the transactions.

The IP addresses point to … Read more