Source: http://www.wired.com/threatlevel/2012/05/flame/
Meet "Flame" - The Massive Spy Malware Infiltrating Iranian Computers
(Wired) Kim Zetter - A highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. Dubbed "Flame" by Russia-based anti-virus firm Kaspersky Lab, the malicious code is designed primarily to spy on the users of infected computers and steal data from them. "It's quite interesting that it stayed undetected for at least two years," said Alexander Gostev, chief security expert at Kaspersky Lab. Kaspersky discovered the malware about two weeks ago after looking into reports in April that computers belonging to the Iranian Oil Ministry and the Iranian National Oil Company had been hit with malware that was stealing and deleting information from the systems. Among Flame's many modules is one that turns on the internal microphone of an infected machine to secretly record conversations that occur either over Skype or in the computer's near vicinity; a module that turns Bluetooth-enabled computers into a Bluetooth beacon, which scans for other Bluetooth-enabled devices in the vicinity to siphon names and phone numbers from their contacts folder; and a module that grabs and stores frequent screenshots of activity on the machine, such as instant-messaging and email communications, and sends them via a covert SSL channel to the attackers' command-and-control servers.