'Flame', the most sophisticated piece of malware to date, was discovered by the International Telecommunication Union (ITU) and Kaspersky Lab. This code is more complex and has more features than any known cyberweapon, and it is many times larger than Stuxnet, which was a compact 500K. This monster is 20 megabytes and has downloadable modules that can be turned on and off.
The most remarkable thing is that it remained undiscovered for two years, which is an eternity in the antivirus world. Flame is cyber espionage code that steals data such as computer display contents, stored files, victim contact info and audio conversations. But wait, this Swiss Army knife of malware can also sniff network traffic, take screenshots and intercept keyboard input. 'Flame' turns on Bluetooth and tries to connect with and steal data from Bluetooth devices close to it. It redefines the concept of cyberwar and cyber espionage, and Stuxnet, Duqu and Flame are now three cases where the antivirus industry has failed.
This malware is different from Stuxnet and its offspring Duqu, but it matches up with the Middle East attack area and the software vulnerabilities it uses. 'Flame' was named after one of its modules, and is still stealing data as you read this. Removal tools are slowly becoming available, and Iran seems to have one by now. Wired had by far the best write-up of this, and shows a map of the area where 'Flame' has infected computers.
Most of the articles cautiously claim this is nation-sponsored, but I will go one step further. Stuxnet and Duqu are obviously U.S. and Israel driven, probably DOD and NSA on the U.S. side. 'Flame', though, has CIA and Mossad written all over it. Probably a project that ran in tandem with Stuxnet and Duqu, as they had access to the same vulnerabilities, but written and executed by the real spy agencies. It will probably take decades before the truth comes out, but I don't think I'm wrong; time will tell. Here is the Wired article:
And this is an interview with Kevin Mitnick on CNN on Monday, May 29th: