Flame lights its own self-destruct fuse (zdnet.com.au)
From here, infected machines received a new module from the remaining command and control servers — browse32.ocx — which has the purpose of covering Flame’s tracks. It not only has a hit-list of all Flame-related files and folders to delete, but it subsequently rewrites random characters on the disk to ensure that the old data can’t be retrieved.
Discussions: