web analytics
January 29, 2015 / 9 Shevat, 5775
 
At a Glance
News & Views
Sponsored Post


Thousands of Computers in Iran, Mid-East, Attacked by ‘Flame’ Virus


Flame Virus

Photo Credit: Yossi Zamir/Flash 90

Russian computer security giant Kaspersky Lab announced on Monday the discovery of a highly sophisticated malicious program that is actively being used as a cyber weapon attacking entities in several countries. The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date.

Kaspersky’s research shows that the largest number of infected machines are in Iran, followed by the Israel/Palestine region, and Sudan and Syria.

Kaspersky Lab  is a Moscow headquartered and owned multi-national computer security company, co-founded by Natalia and Eugene Kaspersky in 1997. It is the world’s largest privately held vendor of software security products.

The malware, dubbed Flame, was discovered by Kaspersky Lab’s experts during an investigation prompted by the International Telecommunication Union (ITU). The malicious program, detected as Worm.Win32.Flame, is designed to carry out cyber espionage. It can steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations.

Kaspersky was unable to name the maker of the Flame, but experts suspect that the complexity of the program means that it took the resources of a major industrial country, such as China, The U.S., Russia or Israel to create and deploy it.

Last Tuesday, the Iranian oil ministry said that its IT systems had suffered no lasting damage from a suspected cyber-attack, but its experts would require two or three days to investigate and address the impact of the virus.

The virus hit the internet and communications systems of the oil ministry and national oil company late on Sunday of last week, forcing Iran to disconnect the control systems of Kharg Island, which handles the vast majority of Iran’s crude exports, and a number of other oil facilities.

ITU and Kaspersky Lab were following up on a series of such incidents, which they suspect were born by another, still unknown, destructive malware program – code named Wiper – which deleted data on a number of computers in the Western Asia region. This particular malware is yet to be discovered, but during the analysis of those incidents, the experts came across the Flame.

According to Kaspersky Lab, preliminary findings indicate that this malware has been “in the wild” for more than two years – since March, 2010. Due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it.

Although the features of Flame differ from the previous notable cyber weapons, the Stuxnet virus that sabotaged Iran’s nuclear facilities back in 2010, and the data-stealing virus Duqu, the geography of the Flame attacks, the use of specific software vulnerabilities, and the fact that only selected computers are being targeted, indicate that Flame belongs to the same category of super-cyberweapons.

CEO and co-founder of Kaspersky Lab Eugene Kaspersky said that “the risk of cyber warfare has been one of the most serious topics in the field of information security for several years now. Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”

The primary purpose of Flame appears to be cyber espionage, by stealing information from infected machines. Such information is then sent to a network of command-and-control servers located in many different parts of the world.

The diverse nature of the stolen information, which can include documents, screenshots, audio recordings and interception of network traffic, makes it one of the most advanced and complete attack-toolkits ever discovered. The exact infection vector has still to be revealed, but it is already clear that Flame has the ability to replicate over a local network using several methods, including the same printer vulnerability and USB infection method exploited by Stuxnet.

Alexander Gostev, Chief Security Expert at Kaspersky Lab, commented: “One of the most alarming facts is that the Flame cyber-attack campaign is currently in its active phase, and its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.”

About the Author:


If you don't see your comment after publishing it, refresh the page.

Our comments section is intended for meaningful responses and debates in a civilized manner. We ask that you respect the fact that we are a religious Jewish website and avoid inappropriate language at all cost.

If you promote any foreign religions, gods or messiahs, lies about Israel, anti-Semitism, or advocate violence (except against terrorists), your permission to comment may be revoked.

5 Responses to “Thousands of Computers in Iran, Mid-East, Attacked by ‘Flame’ Virus”

  1. ‘Flame’ – A virus far more dangerous than the Stuxnet worm
    ‘Flame’ has been discovered in thousands of Middle East computers.

  2. Ron Wise says:

    Israeli computers?

  3. Beware fo the “Flame”, Virus more dangerous than the Worm in the Middle East. Able to pick up on midia and sound. Rabbi Leon Pettyjohn.

  4. West Bank computers

  5. West Bank Computers Ok! Rabbi Leon Pettyjohn.

Comments are closed.

SocialTwist Tell-a-Friend

Current Top Story
IDF soldiers evacuating wounded near northern border town of Ghajar.
Northern Golan Heights Declared Closed Military Zone
Latest News Stories
Hezbollah shooting at Har Dov

9:31pm The Mt. Hermon ski resort on the Golan Heights will be open for business tomorrow morning — having receiving permission from the IDF. 8:03pm Channel 2 reports that Hezbollah terror cell was located 5 kilometers from Israel, and not within Israel as originally thought.Soldiers in 2nd vehicle were saved after they jumped out of […]

Prime Minister Binyamin Netanyahu at a security assessment with Defense Minister Moshe Ya'alon, IDF Chief of Staff Lt.-Gen. Benny Gantz and other security heads at the Defense Ministry in Tel Aviv.

Prime Minister Binyamin Netanyahu announced Wednesday night that “whoever is behind today’s attack will pay the full price.”

Gazans getting supplies from UNRWA in Rafah.

The Gazans are protesting the freeze in the money transfer from the UN for rehabilitating their region.

Israel's President Ruby Rivlin

Rivlin returning early to Israel from US trip due to situation in northern Israel.

The soldiers were part of an IDF convoy that was using a civilian road, one that hundreds of civilians use on a daily basis.

The GOC Northern Command declares Israel’s northern border with Syria in the Golan Heights to be a closed military zone.

The names of the IDF soldiers killed by Hezbollah at Mount Dov on Wednesday have been released for publication.

Lebanese Hezbollah supporters celebrate IDF deaths Wednesday by giving sweets to motorists.

Two IDF soldiers were killed by Iranian-backed Hezbollah in the most serious attack on Israel since the start of Syria’s civil war.

Soldiers hit in missile attack were patrolling in non-armored jeeps.

Arab brother, sister were apparently planning attack.

The Spanish Ministry of Defense has confirmed that rockets were fired first at Israel from Lebanon, provoking IDF into retaliation.

The IDF announced that two Israeli soldiers were killed as a result of the Hezbollah terror attack earlier today.

One UNIFIL soldier is dead in the wake of an attack on Israel by Lebanon’s Hezbollah terror group.

Jordan has caved to ISIS and agreed to swap a terrorist prisoner for its hostage pilot.

More Articles from Jacob Edelist
F130210FFMS04

“Over-exposure of security and intelligence activities may seriously harm state security.”

Handle of a footed marble basin decorated with Seilenoi heads, the 1st century BCE.

Lionized as “the greatest builder in human history,” King Herod was also demonized for his cruelty and his shady religious origins.

“We expect continued firing of hundreds of rockets in the coming days.”

The plan is to stagger their recruitment, to allow IDF manpower officials to study the process.

Hamas called the meeting to try and avoid further casualties.

Some of the supervised, ‘bug-free,’ leafy vegetable growers are using higher levels of pesticides than allowed by Health Ministry standards.

Iranian Defense Minister Ahmad Vahidi said on Sunday that Iran has in its possession UAVs (unmanned aerial vehicles) which are far more advanced than the one which the Hezbollah recently sent into Israel.

Last Sunday, Netanyahu told Likud ministers he plans on adopting part of the report without relating to broad legal interpretations, to avoid international criticism. Still, the proposal will add legal flexibility and remove bureaucratic obstacles, making Jewish construction in Judea and Samaria considerably easier.

Printed from: http://www.jewishpress.com/news/breaking-news/thousands-of-computers-in-iran-mid-east-attacked-by-flame-virus/2012/05/28/

Scan this QR code to visit this page online: