Search This Blog

Monday, May 28, 2012

'Flame virus aims to gather intelligence'



A vicious computer virus is ripping through the Middle East, and computer security experts warned Monday it could be the most sophisticated cyber-weapon in history.

The virus, or malware, dubbed "Flame" has already attacked computers in a host of countries including Iran, the victim of the bulk of the attacks, Israel, Palestine, Lebanon, and Egypt.

"We've found what might be the most sophisticated cyber weapon yet unleashed," Kaspersky Lab expert Alexander Gostev wrote on Monday in a blog post on the Moscow-based company's website. "Flame can easily be described as one of the most complex threats ever discovered."

Cyber-security experts say the bug’s complexity indicates it is the work of a government - not rogue hackers.

"I think it would hard to say that anyone other than a nation state would be behind it," Orla Cox of Symantec Security Response told the Huffington Post. "You're looking at a well organised well funded group."

Kaspersky researchers discovered Flame while working on a project for the United Nations, Gostev said, which asked them to figure out what was "deleting sensitive information across the Middle East."

That malware, dubbed Wiper, apparently pales in comparison with the threat posed by the “worm-like” abilities of Flame, which include “sniffing network traffic, taking screenshots, recording audio conversations, intercepting the keyboard” and more.

Though the precise details on how the “attack toolkit” enters a system and spreads are not yet known, Kaspersky suspects the attacks it has made so far are “targeted.”

Warning of its potentially crippling significance, the company compared the threat to famous cyber worms Duqu and Stuxnet, created to target an Iranian nuclear facility.

It’s possible that Flame has existed in some form since 2007.

"While its features are different, the geography and careful targeting of attacks couple with the usage of specific software vulnerabilities seems to put it alongside those familiar 'super-weapons' currently deployed in the Middle East,” Gostev wrote.

Kaspersky does not believe the virus was developed by the same team as Duqu and Stuxnet, but suggested its complexity could mean its tied to a government.

"It's big and incredibly sophisticated," he added. "It pretty much redefines the notion of cyberwar and cyberespionage."

No comments:

Post a Comment