(Before It's News)
The Iranian Computer Emergency Response Team (MAHER) recently claimed to have found a new version of Stuxnet attacking the country. The new malware, classified as 'Skywiper' or 'Flame' (the name comes from one of its attack modules, 'Flamer'), was soon confirmed worldwide, with Kaspersky Lab and the CrySyS Lab of the Budapest University of Technology and Economics both confirming the discovery. Experts believe the complexity and functionality of this newly discovered malware exceed those of any other known to date.
Kaspersky Lab describes it as "a sophisticated malicious program that is actively being used as a cyber weapon attacking entities in several countries." Kaspersky Lab also revealed that part of the Flame program code is almost identical to code found in a 2009 version of Stuxnet.
Flame is designed for cyber espionage: it steals screen contents, stored files, contact data and even recorded audio conversations.
Detected as Worm.Win32.Flame by Kaspersky Lab's security products, the malware sends this information to 'a network of command-and-control servers located in many different parts of the world.'
It spreads across a local network using several infection methods, including the same print-spooler and USB shortcut-file vulnerabilities that Stuxnet exploited.
Because its components are so complex, initially none of the dozens of commercial antivirus products on the market detected them, and researchers fear the malware had been operating undetected for more than two years.
Highlights of 'Flame' capabilities
- Distribution via removable media
- Distribution through local networks
- Network sniffing, detecting network resources and collecting lists of vulnerable passwords
- Scanning the disk of the infected system for specific file extensions and contents
- Creating a series of screen captures of the user's session when specific processes or windows are active
- Using the infected system's attached microphone to record environmental sounds
- Transferring saved data to control servers
- Using more than 10 domains as C&C servers
- Establishing secure connections to C&C servers over SSH and HTTPS
- Bypassing tens of known antivirus, anti-malware and other security products
- Capable of infecting Windows XP, Vista and 7
- Infecting large-scale local networks
Further info
http://en.wikipedia.org/wiki/Flame_(malware)