The Flame attack was embarrassing for Microsoft and therefore somewhat hilarious, Sotirov said.

As expected, none of the yet-unknown Flame authors showed up to pick up the award at the ceremony. However, a man of Asian descent dressed in a dark green military costume stood up from his seat in the audience to applause and laughter from other attendees.

This year's "Most Epic FAIL" Pwnie award went to security hardware vendor F5 Networks, whose devices were found to contain a SSH private key for the root account that worked on all of them.

However, the nominees in this category also included the entire antivirus industry for failing to detect threats like Stuxnet, Duqu or Flame, and LinkedIn for suffering a data breach that resulted in the theft of 6.5 million easily crackable password hashes.

The Pwnie award for best client-side bug went to vulnerability researchers Pinkie Pie and Sergey Glazunov, for their respective Google Chrome sandbox escape exploits presented at the CanSecWest security conference earlier this year.