Security researchers from Symantec, Kaspersky, BUND-CERT and ITU-IMPACT found important clues related to the identities of four developers heading the highly sophisticated espionage tool Flame, also known as Flamer. The attackers left behind key evidence on two C&C (command and control) servers. According to security researchers, the attackers tried to remove all forensic evidence but failed to do so after locking themselves out of the servers – ridiculous mistake, isn’t?
Read more here – http://www.wired.com/threatlevel/2012/09/flame-coders-left-fingerprints/