Note: Flame's ability to evade security without using zero-day flaws relied on a never-before-seen crypto attack, imbuing the malicious code with the equivalent of a "god mode" against Windows security.

Whoever built the malware known as Flame, Flamer, and Skywiper imbued it with serious stealth capabilities. Just how serious has been revealed over the past few days, as mathematicians have found a previously unknown type of "collision attack" built into the malware.

"[We] have confirmed that Flame uses a yet unknown MD5 chosen-prefix collision attack," noted Marc Stevens and B.M.M. de Weger, in comments that were republished on a cryptography mailing list.

"The collision attack itself is very interesting from a scientific viewpoint and there are already some practical implications," said the pair, who in 2008 helped devise the first-ever collision attack against the MD5 hash function, allowing for the creation of rogue or spoofed digital certificates.

A collision attack on a cryptographic hash involves finding two different inputs that produce the same hash value. According to Microsoft, Flame's creators successfully performed a collision attack against the Microsoft Terminal Services encryption algorithm. After doing so, they were able to...