Spy virus 'Flame' infects Middle East

2012-05-28 17:08

Boston - Security experts have discovered a new data-stealing virus dubbed Flame they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.

It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab's work were made available on Monday.

Schouwenberg said he did not know who built Flame.

If the Lab's analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran's nuclear programme in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.

The discovery by one of the world's largest makers of anti-virus software will likely fuel speculation that nations have already secretly deployed other cyber weapons.

"If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don't know about," Schouwenberg said in an interview.

The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky, and gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu.

Researchers at Kaspersky said they were only starting to understand how Flame works because it is so complex. The full significance will not be known until other cyber security firms obtain samples of Flame.

The Lab's research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria.

Massive virus

The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information, Schouwenberg said.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

He said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, which were built on a common platform.

Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and employ a similar way of spreading.

That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, he said.

Schouwenberg said he believed the attack was highly targeted, aimed mainly at businesses and academic institutions.

He estimated that no more than 5 000 personal computers around the world have been infected, including a handful in North America.

Kaspersky Lab discovered Flame while investigating reports that a virus dubbed Wiper was attacking computers in Iran.

The International Telecommunications Union, a UN agency that promotes research and co-operation on telecommunications technology, asked Kaspersky Lab to investigate those reports.

Schouwenberg said that his team discovered Flame, but failed to turn up anything that resembled Wiper.

Read more on:    itu  |  us  |  internet security
NEXT ON NEWS24X
SHARE:

Read News24’s Comments Policy

24.com publishes all comments posted on articles provided that they adhere to our Comments Policy. Should you wish to report a comment for editorial review, please do so by clicking the 'Report Comment' button to the right of each comment.

Comment on this story
6 comments
Add your comment
Comment 0 characters remaining
 

Inside News24

 
/News
 

Adventure holidays you HAVE to put on your bucket list

Need a break from your usual boring routine? Consider one of these places for your next adventure holiday.

 
 

Where were you when you last felt alive?

Top 10 water sports to try before you die
6 impressive camping tips
Free outdoor yoga classes
Watch: 5 skills to improve your BMX riding

Jobs in Cape Town [change area]

Property [change area]

Travel - Look, Book, Go!

Magical Massinga

Spend 5 nights at the gorgeous Massinga Beach Lodge in Mozambique and only pay for 4 from R13 220 per person sharing. Includes return flights, accommodation, transfers and romantic turndown. Book now!

Kalahari.com - shop online today

Save up to R1000 on Hisense smartphones!

View the large range of Hisense smartphones. Buy today and save up to R1000!

Deal of the week!

Save R1200 on the Samsung 48” smart full HD LED television now only R8799. Buy now!

Toys 4 for the price of 3

Buy 4 toys and get the cheapest FREE! Offer valid while stocks last. Shop now!

Mind blowing prices – As seen on TV

Get mind blowing prices on 1000’s of products! Shop now.

Save 20% on Nivea beauty products!

Buy any two Nivea beauty products and save 20%. Offer valid while stocks last. Shop now!

OLX Free Classifieds [change area]

Samsung Galaxy s4

Mobile, Cell Phones in South Africa, Western Cape, Cape Town. Date October 24

Best bargain in big bay

Real Estate, Houses - Apartments for Sale in South Africa, Western Cape, Cape Town. Date October 25

VW Golf 6, 1.6 Trendline (Excellent condition)

Vehicles, Cars in South Africa, Western Cape, Cape Town. Date October 25

Horoscopes
Aquarius
Aquarius

There is an easy social flow and the need to blend in, yet you may not feel entirely comfortable. Something beneath the surface...read more

There are new stories on the homepage. Click here to see them.
 
English
Afrikaans
isiZulu

Hello 

Create Profile

Creating your profile will enable you to submit photos and stories to get published on News24.


Please provide a username for your profile page:

This username must be unique, cannot be edited and will be used in the URL to your profile page across the entire 24.com network.

Settings

Location Settings

News24 allows you to edit the display of certain components based on a location. If you wish to personalise the page based on your preferences, please select a location for each component and click "Submit" in order for the changes to take affect.








Facebook Sign-In

Hi News addict,

Join the News24 Community to be involved in breaking the news.

Log in with Facebook to comment and personalise news, weather and listings.