Security players fan Flames of complex malware risk

Kaspersky claims Flame malware has been "in the wild" since 2010.

Kaspersky has described the newly discovered Flame malware as one of the most complex pieces of malicious software in the history of cybercrime.

The Russian anti-virus vendor claims the malware can steal information from targeted systems, stored files, contact data and audio conversations, and described it as a tool for "cyber espionage."

Due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it.

The wide variety of data it can steal has led Kaspersky to describe it as "one of the most advanced and complete attack-toolkits ever discovered."

The firm claims to have uncovered the software following an investigation into another type of malware called Wiper that has been credited with erasing data from a number of computers in Western Asia.

"During the analysis of these incidents, Kaspersky Lab's experts came across a new type of malware, now known as Flame," explained the company in a blog post.

"Preliminary findings indicate that this malware has been 'in the wild' since March 2010...[and] due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it."

The malware is thought to operate by stealing data from infected machines, which is then passed on to a network of command-and-control servers located across the world.

"The exact infection vector is still to be revealed, but it is already clear that Flame has the ability to replicate over a local network using several methods, including the same printer vulnerability and USB infection method exploited by Stuxnet," said the blog post.

Compared to Stuxnet, a piece of malware that emerged in 2010 with the capability to stage four zero-day attacks at once, Flame is around 20 times larger.

"What is known is that it consists of multiple modules and is made up of several megabytes of executable code in total, meaning that analysing this cyber weapon requires a large team of top-tier security experts and reverse engineers with vast experience in the cyber defence field," the post concluded.

David Harley, senior researcher at internet security vendor ESET, said the malware is also understood to have attacked systems in Western Asia and Eastern Europe.

"Perhaps the most interesting feature is that the Iran National CERT has volunteered to share samples with security vendors, despite the fact that many software vendors (notably those headquartered in the US) are unable to trade legally with Iran," said Harley.

"This restriction may have hampered initial detection of the malware by security vendors outside the region, but samples have subsequently trickled into the mainstream via secondary sources."
