Flame spy malware infiltrating Middle East computers

Russia-based anti-virus firm Kaspersky Labs has described a new cyber attack toolkit dubbed Flame (Worm.Win32.Flame) which they describe as "what might be the most sophisticated cyber weapon yet." Their analysis suggests that Flame is a state-supported effort rather than one created by hacktivists or cybercriminals.

"Flame shares many characteristics with notorious cyber weapons Duqu and Stuxnet: while its features are different, the geography and careful targeting of attacks coupled with the usage of specific software vulnerabilities seems to put it alongside those familiar 'super-weapons' currently deployed in the Middle East by unknown perpetrators. Flame can easily be described as one of the most complex threats ever discovered. It’s big and incredibly sophisticated. It pretty much redefines the notion of cyberwar and cyberespionage."

Flame appears to be designed "to systematically collect information on the operations of certain nation states in the Middle East, including Iran, Lebanon, Syria, Israel and so on." Initial infection can be from an infected USB drive, spear phishing or an infected web site. Here’s a map of the top seven affected countries.

More information is available in articles on Wired (Meet ‘Flame’, The Massive Spy Malware Infiltrating Iranian Computers) and the BBC (Flame: Massive cyber-attack discovered, researchers say).


Posted

in

,

by

Tags: