Quite interestingly, sKyWIper stores information that it gathers on infected systems in a highly structured format in SQLite databases.
FORBES: The Real Flame Wars: W32.Flamer Found All Over the Middle East
2.
In addition, sKyWIper may have been active for as long as five to eight years, or even more. sKyWIper uses compression and encryption techniques to encode its files.
FORBES: The Real Flame Wars: W32.Flamer Found All Over the Middle East
3.
Our first insight suggests that sKyWIper is another info-stealer malware with a modular structure incorporating multiple propagation and attack techniques, but further analysis may discover components with other functionalities.
FORBES: The Real Flame Wars: W32.Flamer Found All Over the Middle East