Technology

New “Flame” Malware is One of the Most Complex Cyber Weapons Yet

80beatsBy Veronique GreenwoodMay 29, 2012 5:16 PM

Newsletter

Sign up for our email newsletter for the latest science news
 

A massive piece of malware, nicknamed "Flame" by security researchers at Kaspersky Lab, has been discovered attacking computers in Iran and the rest of the Middle East. The scale and sophistication of the malware suggests that it was commissioned by a nation-state, perhaps by the same parties that built StuxNet, which destroyed Iranian uranium centrifuges several years ago, and Duqu, a related Trojan that culled information from infected computers. Flame doesn’t share any code with StuxNet or Duqu. But it is much larger---Duqu, for instance, was just 500 kilobytes, while Flame is 20 megabytes---and it impressed the Kaspersky researchers with its array of functions, which make it a kind of giant Swiss Army knife of malware. Here’s some of what it can do, from Kim Zetter's explainer at Wired:

Among Flame’s many modules is one that turns on the internal microphone of an infected machine to secretly record conversations that occur either over Skype or in the computer’s near vicinity; a module that turns Bluetooth-enabled computers into a Bluetooth beacon, which scans for other Bluetooth-enabled devices in the vicinity to siphon names and phone numbers from their contacts folder; and a module that grabs and stores frequent screenshots of activity on the machine, such as instant-messaging and email communications, and sends them via a covert SSL channel to the attackers’ command-and-control servers. The malware also has a sniffer component that can scan all of the traffic on an infected machine’s local network and collect usernames and password hashes that are transmitted across the network.

Flame been active for at least two years, probably longer, though it's hard to tell because the malware's littered with false dates (it's pretty clear, for example, that no matter what its records say, Flame wasn't infecting computers in 1994). It will take quite a while for researchers to unravel all its functions and learn more about its origins: A security expert at Kasperksy calls it “one of the most complex threats ever discovered.” Get the full details on Flame at Wired's Threat Level.

1 free article left
Want More? Get unlimited access for as low as $1.99/month
Already a subscriber? Log In or Register
1 free articleSubscribe
Want unlimited access?

Subscribe today and save 70%

Subscribe

Already a subscriber? Log In or Register
More From Discover
Recommendations From Our Store
Shop Now
Stay Curious
Join
Our List

Sign up for our weekly science updates.

 
Subscribe
To The Magazine

Save up to 70% off the cover price when you subscribe to Discover magazine.

Copyright © 2021 Kalmbach Media Co.