May 29, 2012

Meet Flame

Meet Flame, a new entrant in the cyberwar against Iran ... and elsewhere, considered by some to be the world's most complicated espionage software (its purpose appears to be to gather intelligence) ... that is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. You can think of Flame as Stuxnet on super steroids:

The malware, discovered by Russia-based anti-virus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.

Dubbed "Flame" by Kaspersky, the malicious code dwarfs Stuxnet in size -- the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran's nuclear program in 2009 and 2010. Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals -- marking it as yet another tool in the growing arsenal of cyberweaponry.

The researchers say that Flame may be part of a parallel project created by contractors who were hired by the same nation-state team that was behind Stuxnet and its sister malware, Duqu.

"Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide," said Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, in a statement. "The Flame malware looks to be another phase in this war, and it's important to understand that such cyber weapons can easily be used against any country."

One of Flame's niftiest and creepiest features is its ability to tune in to conversations:

Among Flame's many modules is one that turns on the internal microphone of an infected machine to secretly record conversations that occur either over Skype or in the computer's near vicinity; a module that turns Bluetooth-enabled computers into a Bluetooth beacon, which scans for other Bluetooth-enabled devices in the vicinity to siphon names and phone numbers from their contacts folder; and a module that grabs and stores frequent screenshots of activity on the machine, such as instant-messaging and email communications, and sends them via a covert SSL channel to the attackers' command-and-control servers.

Interestingly, although Iran appears to be the worst hit, 'Flame' is 'Flaming' other countries as well. But note that the affected countries are all countries that are, or could be, of concern to Israel ... including 'Palestinian Authority' computers. Does this mean the eeevil Joooz are involved (possibly with U.S. help)?

