Header Ads

Super-virus Flame raises the cyberwar stakes

Flame, a stealthy and complex cyberweapon,
was found to be spying on Iran's government officials
 and computer systems.

NEW YORK (CNNMoney) -- The "Flame" virus, the most complex computer bug ever discovered, has been lurking for years inside Iranian government computers, spying on the country's officials.
Publicly unveiled this week, the bug is one of the most potent cyber weapons ever spotted in the wild. Security professionals say it marks a new milestone in the escalating digital espionage battle.
Flame's complexity and power "exceed[s] those of all other cyber menaces known to date," research firm Kaspersky Lab wrote in a dispatch about its investigation into Flame.
In a statement posted on its website on Monday, the Iranian National Computer Emergency Response Team (CERT) said it discovered Flame after "multiple investigations" over the past few months.
The stealthy malware has been in the wild for at least two years, the CERT team said, evading detection by security software.
It's a spy bug that's capable of, among other things, capturing what's on a user's screen, turning on a computer's microphone to record conversations, detecting who and what is on a network, collecting lists of vulnerable passwords, and transferring a user's computer files to another server.
The attack worked. Flame was likely responsible for recent incidents of "mass data loss" in the government, Iran's CERT team said in its terse announcement.
Patrik Runald, director of research at Websense Security Labs, said Flame is "potentially the most advanced malware to date, at least in terms of functionality combined with ability to stay hidden over a long period of time."
Flame is an unusually giant piece of malware: At 20 megabytes, it's about 20 to 30 times larger than typical computer bugs.
Yet it remained undetected in Iran's government computer systems dating back to at least 2010, and it was not discovered by any of the 43 antivirus programs the CERT team tested on it.
Now that Flame has been exposed, Iran is taking defensive measures. Iran's CERT said it developed a Flame detector over the past few weeks and it is spreading around a removal tool to rid the government's systems of the virus.
Computer viruses don't stay where you put them, and Iran probably isn't the only victim.
A Hungarian research lab that has been doing its own analysis said it has found traces of the bug in Europe and the United Arab Emirates. The lab, which began studying the virus this month, estimates that it may have been active "for as long as five to eight years."
Rea the full story here

No comments

Powered by Blogger.