Kaspersky Uncovers Massive 'Flame' Malware Attack
The researchers say the attack toolkit 'pretty much redefines the notion of cyberwar.'
Kaspersky Lab researchers recently uncovered new malware, called Worm.Win32.Flame, which they say "might be the most sophisticated cyber weapon yet unleashed."
"Flame can easily be described as one of the most complex threats ever discovered," Kaspersky Lab chief security expert Aleks Gostev wrote in a blog post. "It's big and incredibly sophisticated. It pretty much redefines the notion of cyberwar and cyberespionage."
"Flame is an attack toolkit -- rather than a 'throwaway' single-operating piece of malware -- like Stuxnet and Duqu -- which has the ability to relay back through the 'eyes and ears' of a computer," writes ZDNet's Zack Whittaker.
"Iran has thus far been hardest hit by Flame, with at least 189 infections," writes PCMag.com's Chloe Albanesius. "Israel/Palestine came in second with 98, followed by Sudan (32), Syria (30), Lebanon (18), Saudi Arabia (10), and Egypt (5)."
"Although the exact entry point and method is unclear, once the malware is inside a network it can start to sniff traffic and can perform other tasks such as taking screenshots, recording audio conversations and intercepting the keyboard," writes Computer Business Review's Steve Evans.
"It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality," writes Wired's Kim Zetter. "The malware, which is 20 megabytes when all of its modules are installed, contains multiple libraries, SQLite3 databases, various levels of encryption -- some strong, some weak -- and 20 plug-ins that can be swapped in and out to provide various functionality for the attackers."
"[The] sheer complexity of Flame suggests it is a government operation and not the work of petty cybercriminals," writes ITProPortal's Rawiya Kameir. "Still, its origins are unknown."
"The risk of cyber warfare has been one of the most serious topics in the field of information security for several years now," Kaspersky Lab CEO and co-founder Eugene Kaspersky said in a statment. "Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it's important to understand that such cyber weapons can easily be used against any country."
Editor's Note: For more on this story, read Understanding the Flame Malware.