web analytics
September 18, 2014 / 23 Elul, 5774
At a Glance
News & Views
Sponsored Post
Apartment 758x530 Africa-Israel at the Israel Real Estate Exhibition in New York

Africa Israel Residences, part of the Africa Israel Investments Group led by international businessman Lev Leviev, will present 7 leading projects on the The Israel Real Estate Exhibition in New York on Sep 14-15, 2014.



Thousands of Computers in Iran, Mid-East, Attacked by ‘Flame’ Virus


Flame Virus

Photo Credit: Yossi Zamir/Flash 90

Russian computer security giant Kaspersky Lab announced on Monday the discovery of a highly sophisticated malicious program that is actively being used as a cyber weapon attacking entities in several countries. The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date.

Kaspersky’s research shows that the largest number of infected machines are in Iran, followed by the Israel/Palestine region, and Sudan and Syria.

Kaspersky Lab  is a Moscow headquartered and owned multi-national computer security company, co-founded by Natalia and Eugene Kaspersky in 1997. It is the world’s largest privately held vendor of software security products.

The malware, dubbed Flame, was discovered by Kaspersky Lab’s experts during an investigation prompted by the International Telecommunication Union (ITU). The malicious program, detected as Worm.Win32.Flame, is designed to carry out cyber espionage. It can steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations.

Kaspersky was unable to name the maker of the Flame, but experts suspect that the complexity of the program means that it took the resources of a major industrial country, such as China, The U.S., Russia or Israel to create and deploy it.

Last Tuesday, the Iranian oil ministry said that its IT systems had suffered no lasting damage from a suspected cyber-attack, but its experts would require two or three days to investigate and address the impact of the virus.

The virus hit the internet and communications systems of the oil ministry and national oil company late on Sunday of last week, forcing Iran to disconnect the control systems of Kharg Island, which handles the vast majority of Iran’s crude exports, and a number of other oil facilities.

ITU and Kaspersky Lab were following up on a series of such incidents, which they suspect were born by another, still unknown, destructive malware program – code named Wiper – which deleted data on a number of computers in the Western Asia region. This particular malware is yet to be discovered, but during the analysis of those incidents, the experts came across the Flame.

According to Kaspersky Lab, preliminary findings indicate that this malware has been “in the wild” for more than two years – since March, 2010. Due to its extreme complexity, plus the targeted nature of the attacks, no security software detected it.

Although the features of Flame differ from the previous notable cyber weapons, the Stuxnet virus that sabotaged Iran’s nuclear facilities back in 2010, and the data-stealing virus Duqu, the geography of the Flame attacks, the use of specific software vulnerabilities, and the fact that only selected computers are being targeted, indicate that Flame belongs to the same category of super-cyberweapons.

CEO and co-founder of Kaspersky Lab Eugene Kaspersky said that “the risk of cyber warfare has been one of the most serious topics in the field of information security for several years now. Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country. Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”

The primary purpose of Flame appears to be cyber espionage, by stealing information from infected machines. Such information is then sent to a network of command-and-control servers located in many different parts of the world.

The diverse nature of the stolen information, which can include documents, screenshots, audio recordings and interception of network traffic, makes it one of the most advanced and complete attack-toolkits ever discovered. The exact infection vector has still to be revealed, but it is already clear that Flame has the ability to replicate over a local network using several methods, including the same printer vulnerability and USB infection method exploited by Stuxnet.

Alexander Gostev, Chief Security Expert at Kaspersky Lab, commented: “One of the most alarming facts is that the Flame cyber-attack campaign is currently in its active phase, and its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.”

About the Author:


If you don't see your comment after publishing it, refresh the page.

Our comments section is intended for meaningful responses and debates in a civilized manner. We ask that you respect the fact that we are a religious Jewish website and avoid inappropriate language at all cost.

If you promote any foreign religions, gods or messiahs, lies about Israel, anti-Semitism, or advocate violence (except against terrorists), your permission to comment may be revoked.

5 Responses to “Thousands of Computers in Iran, Mid-East, Attacked by ‘Flame’ Virus”

  1. ‘Flame’ – A virus far more dangerous than the Stuxnet worm
    ‘Flame’ has been discovered in thousands of Middle East computers.

  2. Ron Wise says:

    Israeli computers?

  3. Beware fo the “Flame”, Virus more dangerous than the Worm in the Middle East. Able to pick up on midia and sound. Rabbi Leon Pettyjohn.

  4. West Bank computers

  5. West Bank Computers Ok! Rabbi Leon Pettyjohn.

Comments are closed.

SocialTwist Tell-a-Friend

Current Top Story
The beheading of British aid worker David Haines, Sept. 14, 2014. The terrorist standing beside him threatened that his fellow British aid volunteer, Alan Henning, would be next if UK Prime Minister David Cameron doesn't relinquish his support for the fight against ISIS.
British Muslims Plead for ISIS to Free Captive Alan Henning
Latest News Stories
The beheading of British aid worker David Haines, Sept. 14, 2014. The terrorist standing beside him threatened that his fellow British aid volunteer, Alan Henning, would be next if UK Prime Minister David Cameron doesn't relinquish his support for the fight against ISIS.

UK Muslims are calling on ISIS to release British aid volunteer Alan Henning, whose life is now threatened by the group.

Axe confiscated from Arab terrorist suspect by Border Police officers who were operating near Beit Jala on Sept. 18, 2014.

Border Police officers blocked an axe-toting Arab man from carrying out a terror attack near Jerusalem.

A home was damaged in a Qassam rocket barrage from Gaza on Friday, August 8, 2014. Miraculously, no one was in the house at the time.

A Code Red incoming rocket alert was sounded for Gaza Belt and Ashkelon Coastal communities.

Harvard law professor Alan Dershowitz.

Harvard law professor Alan Dershowitz says former Pres. Bill Clinton is wrong about PM Netanyahu.

A massive sting operation hauled in 15 suspects and foiled a plot by ISIS to hold a public beheading in Australia.

A 3-hour strike at Ben Gurion International Airport at check-in counters has delayed thousands.

Man running for US senate with campaign slogan, ‘With Jews We Lose.’

Have you seen Menachem Bodner’s twin brother Jeno, or Jolli Gottesman? He’s out there.

Iran scorns as “ridiculous” a US-led anti-ISIS coalition without boots on the ground.

A prison inmate on death row in Connecticut is demanding kosher food, though he’s not really Jewish.

Hamas claimed one of the bank’s clients owed them taxes…

Reports from Lebanon say that Israeli Air Force planes flew over the Marjayoun area in Lebanon, launching flares.

Despite previous claims, Hamas now denies they arrested any rocket crews. So, who do we believe?

Western Wall’s employees, remove thousands of handwritten notes placed between the ancient stones of the Kotel, the Western Wall, Judaism’s second holiest site, in the Old City of Jerusalem. The operation is carried out twice each year: before the Passover festival in the spring and at the Jewish New Year in the fall. The prayer […]

A memorial event with a special photo exhibition honoring the late Israeli Prime Minister Ariel Sharon took place on Monday.

The location of the gas chambers at the notorious Sobibor death camp has been revealed, Yad Vashem announced Wednesday.

More Articles from Jacob Edelist
F130210FFMS04

“Over-exposure of security and intelligence activities may seriously harm state security.”

Handle of a footed marble basin decorated with Seilenoi heads, the 1st century BCE.

Lionized as “the greatest builder in human history,” King Herod was also demonized for his cruelty and his shady religious origins.

“We expect continued firing of hundreds of rockets in the coming days.”

The plan is to stagger their recruitment, to allow IDF manpower officials to study the process.

Hamas called the meeting to try and avoid further casualties.

Some of the supervised, ‘bug-free,’ leafy vegetable growers are using higher levels of pesticides than allowed by Health Ministry standards.

Iranian Defense Minister Ahmad Vahidi said on Sunday that Iran has in its possession UAVs (unmanned aerial vehicles) which are far more advanced than the one which the Hezbollah recently sent into Israel.

Last Sunday, Netanyahu told Likud ministers he plans on adopting part of the report without relating to broad legal interpretations, to avoid international criticism. Still, the proposal will add legal flexibility and remove bureaucratic obstacles, making Jewish construction in Judea and Samaria considerably easier.

Printed from: http://www.jewishpress.com/news/breaking-news/thousands-of-computers-in-iran-mid-east-attacked-by-flame-virus/2012/05/28/

Scan this QR code to visit this page online: