Categories: Science & Technology

Flame, a massive targeted cyber-attack discovered by Russian researchers

Russian researchers have discovered a complex targeted cyber-attack that collected private data from countries such as Israel and Iran.

Russian security firm Kaspersky Labs said they believed the malware, known as Flame, had been operating since August 2010.

The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.

They described Flame as “one of the most complex threats ever discovered”.

Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.

Russian security firm Kaspersky Labs said they believed the malware, known as Flame, had been operating since August 2010

In the past, targeted malware – such as Stuxnet – has targeted nuclear infrastructure in Iran.

Others like Duqu have sought to infiltrate networks in order to steal data.

This new threat appears not to cause physical damage, but to collect huge amounts of sensitive information, said Kaspersky’s chief malware expert Vitaly Kamluk.

“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.

More than 600 specific targets were hit, Vitaly Kamluk said, ranging from individuals, businesses, academic institutions and government systems.

Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.

Vitaly Kamluk said the size and sophistication of Flame suggested it was not the work of independent cybercriminals, and more likely to be government-backed.

He explained: “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.

“Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group.”

Among the countries affected by the attack are Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” Vitaly Kamluk said.

The malware is capable of recording audio via a microphone, before compressing it and sending it back to the attacker.

It is also able to take screenshots of on-screen activity, automatically detecting when “interesting” programs – such as email or instant messaging – were open.

Kaspersky’s first recorded instance of Flame is in August 2010, although it said it is highly likely to have been operating earlier.

Prof. Alan Woodward, from the Department of Computing at the University of Surrey said the attack is very significant.

“This is basically an industrial vacuum cleaner for sensitive information,” he said.

He explained that unlike Stuxnet, which was designed with one specific task in mind, Flame was much more sophisticated.

“Whereas Stuxnet just had one purpose in life, Flame is a toolkit, so they can go after just about everything they can get their hands on.”

Once the initial Flame malware has infected a machine, additional modules can be added to perform specific tasks – almost in the same manner as adding apps to a smartphone.

 

Nancy Clayson

Nancy is a young, full of life lady who joined the team shortly after the BelleNews site started to run. She is focused on bringing up to light all the latest news from the technology industry. In her opinion the hi-tech expresses the humanity intellectual level. Nancy is an active person; she enjoys sports and delights herself in doing gardening in her spare time, as well as reading, always searching for new topics for her articles.

Recent Posts

Donald Trump and Elon Musk Celebrate Election Victory at UFC 309

Image source: Wikimedia Commons President-elect Donald Trump celebrated his election victory at the Ultimate Fighting…

1 week ago

White House 2024: Donald Trump Wins, Kamala Harris Calls Him to Concede Election

Millions of voters across the US chose to return Donald Trump to the White House…

3 weeks ago

Who Won? Donald Trump Declares Victory as He Addresses Jubilant Supporters in Florida

Donald Trump declares victory in the US election as he addresses jubilant supporters in Florida.…

3 weeks ago

Stocks Soaring as Donald Trump Closes in on US Victory

Stocks around the world are rising as Donald Trump appears to be on the cusp…

3 weeks ago

Who Won? Kamala Harris Cancels Election Night Party as Path to Victory Narrows

Donald Trump has won Pennsylvania, North Carolina and Georgia and taken a lead over Kamala…

3 weeks ago

Quincy Jones Dead at 91

Quincy Jones, the celebrated musician and producer who worked with Michael Jackson, Frank Sinatra, Ray…

3 weeks ago