Security players fan Flames of complex malware risk

Kaspersky claims Flame malware has been "in the wild" since 2010.

Kaspersky has described the newly discovered Flame malware as one of the most complex pieces of malicious software in the history of cybercrime.

The Russian anti-virus vendor claims the malware can steal information from targeted systems, stored files, contact data and audio conversations, and described it as a tool for "cyber espionage."

Due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it.

The wide variety of data it can steal has led Kaspersky to describe it as "one of the most advanced and complete attack-toolkits ever discovered."

The firm claims to have uncovered the software following an investigation into another type of malware called Wiper that has been credited with erasing data from a number of computers in Western Asia.

"During the analysis of these incidents, Kaspersky Lab's experts came across a new type of malware, now known as Flame," explained the company in a blog post.

"Preliminary findings indicate that this malware has been 'in the wild' since March 2010...[and] due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it."

The malware is thought to operate by stealing data from infected machines, which is then passed on to a network of command-and-control servers located across the world.

"The exact infection vector is still to be revealed, but it is already clear that Flame has the ability to replicate over a local network using several methods, including the same printer vulnerability and USB infection method exploited by Stuxnet," said the blog post.

Compared to Stuxnet, a piece of malware that emerged in 2010 with the capability to stage four zero-day attacks at once, Flame is around 20 times larger.

"What is known is that it consists of multiple modules and is made up of several megabytes of executable code in total, meaning that analysing this cyber weapon requires a large team of top-tier security experts and reverse engineers with vast experience in the cyber defence field," the post concluded.

David Harley, senior researcher at internet security vendor ESET, said the malware is also understood to have attacked systems in Western Asia and Eastern Europe.

"Perhaps the most interesting feature is that the Iran National CERT has volunteered to share samples with security vendors, despite the fact that many software vendors (notably those headquartered in the US) are unable to trade legally with Iran," said Harley.

"This restriction may have hampered initial detection of the malware by security vendors outside the region, but samples have subsequently trickled into the mainstream via secondary sources."
