- Third major cyber weapon after attack on nuclear plant
- Most complex virus ever found 'in the wild'
- Designed for surveillance - can even turn on PC microphones to listen to people
- Not clear which country made Flame - or what it does
- 100 times as complex as 'normal' PC viruses
 |
| The virus, called 'Flame' is the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran's nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain |
The virus, discovered by security experts Kaspersky Labs, marks a new era in cyber warfare.
The virus, called 'Flame' is the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran's nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.
The virus is 100 times more complex than normal PC viruses, and designed to steal information - it can even turn on microphones on infected PCs to listen to conversations.
All the viruses are so complex they are said to have required the resources of a nation state to create.
Many security experts - including U.S. officials - have said that it was likely that Stuxnet was made by the U.S.
But Flame is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus.
The discovery by one of the world's largest makers of anti-virus software will likely fuel speculation that nations have already secretly deployed other cyber weapons.
'If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don't know about,' Schouwenberg said in an interview.
The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky, and gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu.
Researchers at Kaspersky said they were only starting to understand how Flame works because it is so complex. The full significance will not be known until other cyber security firms obtain samples of Flame.
The Lab's research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria.
 |
| Iranian President Mahmoud Ahmadinejad, center, visits the Natanz Uranium Enrichment Facility some 200 miles (322 kilometers) south of the capital, Tehran, Iran |
Earlier this year, Kaspersky labs said that Duqu and Stuxnet were part of a 'family' of viruses created in the same place.
Duqu - a 'trojan horse' program related to Stuxnet which was detected in industrial systems earlier this year, also searches for Stuxnet and Duqu-infected machines.
Duqu is designed to steal information which could be used in cyber attacks on industrial control systems. It's a 'scout' program that could be used in preparation for a crippling cyber attack.
Both appear to be searching for three other 'relatives' that have never yet been found.
THE MOST COMPLEX 'CYBER WEAPON' OF ALL TIME - WHAT FLAME DOES
The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail.
It has about 100 times as much code as a typical virus designed to steal financial information, Kaspersky Labs said.
Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.
He said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, which were built on a common platform.
0 Comments