Channels

Illustration
Photo: Shutterstock

'Flame virus aims to gather intelligence'

Tehran admits being targeted by what could be most sophisticated malware yet; says 'massive amounts of data lost.' Computer experts say such complex virus takes national resources to develop

Iranian authorities have admitted that malicious software dubbed Flame has attacked it, and instructed to run an urgent inspection of all computer systems in the country.

 

Iran's MAHER Center said Tuesday that the Flame virus "has caused substantial damage" and that "massive amounts of data have been lost."

 

Related stories:

 

The center, which is part of Iran's Communication's Ministry said that the virus' level of complexity, accuracy and high-functionality – noted mostly by the information corrupted – indicated that there is a "relation" to the Stuxnet virus.

 

Iranian experts said that Flame was able to overcome 43 different anti-virus programs.

 


Flame-infected data (Photo: Kaspersky Lab)

 

While no one knows who is behind "the most sophisticated virus of all times," the bottom line, computer experts say, is that only a state could have developed such a complex virus.  

 

  • For more on the raging cyber war click here

     

    Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

     

    Moscow-based Kaspersky Lab, one of the world's largest data protection companies, was the first to discover the new malware. However, researchers are still unsure about its scope, because it has about 100 times as much code as a typical virus designed to steal financial information.

     

    Iran hit the hardest

    Researchers at Kaspersky estimated that around 5,000 personal computers around the world have been infected by the virus, Iran being hit the hardest, with 189 infected computers, followed by Israel and the Palestinian territories (98 computers), Sudan (32), Syria (30),Lebanon (18), Saudi Arabia (10) and Egypt (5).

     

    The researchers further estimated that the virus was developed by a country that allocated a significant budget for its development, which might be linked to cyber warfare.

     

    "Unlike the Suxtent virus that attacked in Iran, this is a spyware that doesn't disrupt or terminate systems, Professor Yitzhak Ben Yisrael, the former head of the Administration for the Development of Weapons and the Technological Industry said.

     

    According to Ben Yisrael, while the source of the software is unknown, "its aim is clear – collecting intelligence." The professor added that the spyware acts like a worm, jumping from one computer to another, and that it is impossible to locate the destination of the data that was copied.

     

    Another expert noted that the virus was extremely invasive, and was not created by a bored teenager, but rather by a sophisticated programmer.

     

    Flame could be the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran's nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.

     

    Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and employ a similar way of spreading.

     

    That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame.

     

     

     

     

     


  •  


    פרסום ראשון: 05.29.12, 00:11
     new comment
    Warning:
    This will delete your current comment