Flame, which is designed to steal stored files and information about targeted systems, appears to be state-sponsored, Kaspersky Labs says.
by Steven Musil
A complex targeted virus has been discovered stealing data in the Middle East, security researchers announced today.
The malware — dubbed Flame — has been operation since 2010 and appears to be state-sponsored, Kaspersky Labs said today, but it was not sure of its origins. Flame is designed to steal information about targeted systems and stored files as well as computer display contents and audio conversations.
“The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date,” Kaspersky Labs said in statement announcing the malware’s discovery.
The virus is about 20 times the size of Stuxnet, malware that targeted the controls of an Iranian nuclear facility. The largest concentration of infected machines is in Iran, followed by Israel/Palestine region, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
“The preliminary findings of the research, conducted upon an urgent request from ITU, confirm the highly targeted nature of this malicious program,” Kasperky Labs expert Alexander Gostev said in a statement. “One of the most alarming facts is that the Flame cyber-attack campaign is currently in its active phase, and its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.”
Eugene Kaspersky, the founder and CEO of the Kaspersky, compared the new virus with Stuxnet and said it appeared to open a new front in state-sponsored cyber warfare. However, he said its full significance won’t be understood until more security researchers examine the malware.
“The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country,” Kaspersky said in a statement. “Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case.”