Highly sophisticated malware being used to spy on several countries, mostly in the Middle East, that has been around for more than two years has been discovered by Kaspersky Lab, the research arm of the Russian security products company announced May 28. Detected by researchers as Worm.Win32.Flame – or more simply, Flame – it’s designed to carry out cyber espionage and steal valuable information, including, but not limited to, computer display contents, information about targeted systems, stored files, contact data and audio conversations, Kaspersky Lab says.Kaspersky Lab’s chief security expert, Alex Gostev, characterizes Flame as a super-cyberweapon such as Stuxnet and Duqu, and in his blog contends it’s “one of the most complex threats ever discovered. It’s big and incredibly sophisticated. It pretty much redefines the notion of cyberwar and cyberespionage.”
Gostev identifies Flame’s targets as: Iran, Israel and/or Palestine, Sudan, Syria, Lebanon, Saudi Arabia and Egypt. Nearly half of the 382 Flame attacks identified by Gostev targeted facilities in Iran. Roger Thompson, chief emerging threats researcher for ICSA Labs, also identifies organizations in Hungary as being targeted. Gostev says from Kaspersky’s initial analysis, the creators of Flame are looking for any kind of intelligence: e-mails, documents, messages, discussions inside sensitive locations, “pretty much everything. We have not seen any specific signs indicating a particular target such as the energy industry – making us believe it’s a complete attack toolkit designed for general cyber-espionage purposes.”
There doesn’t seem to by a visible pattern in the type of organization Flame targets, he says, adding that victims include individuals, government-related organizations and educational institutions. Thompson, in his blog, that Flame portends ill for its victims. “One of the tenets of computer security is that if a skilled hacker is in your networks for long enough, you can never get them out again, because they know more about your network than you do, and these hackers , were skilled… highly skilled,” he says.
Full Article: Flame: Massive, advanced cyber threat uncovered.