Researchers at Alphabet’s Chronicle Security say they have discovered what appears to be a new version of Flame malware that popped up in 2014 and likely remained active until 2016. The finding shows that instead of killing their operation, the attackers simply re-tooled their spy kit and added strong encryption to make it harder to detect and reverse engineer. “Nobody ever expected to see Flame again. We figured it was too old and expensive [for the attackers] to waste time retooling rather than … just build a whole new platform,” said Juan-Andres Guerrero-Saade, one of the Chronicle security researchers who made the discovery.
Source: Motherboard