 A new, unprecedented computer virus called "Flame" (or "sKyWIper") has hit Iran, the West Bank, and other Middle Eastern locations. It is already considered one of the most sophisticated cyber weapons ever unleashed. Internet security company Kaspersky said Monday that Flame was the "most complex piece of malicious software discovered to date."
The cyber-espionage worm, designed to collect and delete sensitive information, is said to have 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility (and some 16,000 computers), causing centrifuges to fail. Iran blamed Israel and the US for its creation.
Flame is also believed to contain an element that was used in Stuxnet. Kaspersky said the Flame malware may have been lurking inside thousands of computers across the Middle East for between five and eight years. The creator of the virus is not yet known.
The Laboratory of Cryptography and System Security (CrySyS Lab), affiliated with Budapest University, said the analysis on the virus is still limited in scope, but that the virus is a complex "info-stealer... with large components."
Flame is the third cyber weapon uncovered recently, after Stuxnet and Duqu (named after a Star Wars villain).
The country with the largest number of machines infected by Flame is believed to be Iran, following by the West Bank, and Sudan and Syria after that. Lebanon, Saudi Arabia, and Egypt have also been affected.
From the Telegraph:
Crysys Lab, which analyses computer viruses at Budapest University. said the technical evidence for a link between Flame and Stuxnet or Duqu was inconclusive.
The newly-discovered virus does not spread itself automatically but only when hidden controllers allow it.
Unprecedented layers of software allow Flame to penetrate remote computer networks undetected.
The file, which infects Microsoft Windows computers, has five encryption algorithms, exotic data storage formats and the ability to steal documents, spy on computer users and more. Components enable those behind it, who use a network of rapidly-shifting "command and control" servers to direct the virus, to turn microphone into listening devices, siphon off documents and log keystrokes.
Eugene Kaspersky, the founder of Kaspersky Lab, noted that "it took us 6 months to analyse Stuxnet. [This] is 20 times more complicated".
Once a machine is infected additional modules can be added to the system allowing the machine to undertake specific tracking projects. 
|
