Home > Uncategorized > “Flame” in Middle East and North Africa

“Flame” in Middle East and North Africa

Anti-virus firm Kaspersky Lab discovered a massive and highly sophisticated malware “Flame” infecting systems in Iran and Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa. The malware is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation, infecting computers for at least two years.

Flame is a sophisticated and huge attack toolkit of modules comprising almost 20 MB in size when fully deployed. It is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so. The initial point of entry of Flame is unknown. Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on.

The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date says Kapersky Lab. Preliminary findings indicate that this malware has been “in the wild” for more than two years – since March 2010. Due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it.

This complex malware infections and behavior strongly indicates role of a nation-state behind Flame.

The malware was discovered during an investigation prompted by the International Telecommunication Union to find an unknown piece of malware -codenamed Wiper- which was deleting sensitive information across the Middle East.

 

Advertisements
  1. manasidashblog
    May 29, 2012 at 4:08 pm

    Flame has infected 189 systems in Iran, the maximum number of computers in all.
    “Tools to recognise and clean this malware have been developed and, as of today, they will be available for Iranian organisations and companies who want it,” a computer emergency response team coordination centre in Iran’s telecommunications ministry, said on its website.
    http://www.iranwpd.com/index.php?option=com_k2&view=item&id=3637:iran-readies-anti-virus-for-flame-spy-malware&Itemid=65

  2. manasidashblog
    June 2, 2012 at 11:58 am

    Flame appears to be part of the state-sponsored campaign that spied on and eventually set back Iran’s nuclear program in 2010, when a digital attack destroyed roughly a fifth of Iran’s nuclear centrifuges- says NYT.

  3. manasidashblog
    June 6, 2012 at 4:49 am

    Microsoft released a software fix to fight the espionage tool “flame” which was reported by Kaspersky some days back, and accepted that a bug in Windows allowed PCs across the Middle East to become infected with the Flame. So would it mean Microsoft agreed there are loopholes in its operating system which the virus explored?

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s