Flame Malware Origins Investigated
June 1, 2012 by UPI - United Press International, Inc.
WASHINGTON (UPI) — The Flame malware attacking computers in Iran and other areas in the Middle East appears to be a collection of existing techniques, a cybersecurity expert said.
Kapersky Labs, the Internet security company that discovered W32.Flame, said the worm is a highly sophisticated cyberweapon, although James Lewis of the Center for Strategic and International Studies said it is really a collection of existing cyberespionage tools, Voice of America reported Friday.
It is much larger, however, than the 2010 Stuxnet virus, which is believed to have shut down uranium enrichment facilities in Iran.
Kapersky said Flame appears to be designed to steal information from infected machines by recording keystrokes, capturing screenshots and recording audio conversations.
The malware was discovered by Kapersky during an investigation prompted by the International Telecommunication Union. Preliminary findings suggest the malware has been out for more than two years.
“The risk of cyberwarfare has been one of the most serious topics in the field of information security for several years now,” Eugene Kaspersky, CEO and co-founder of the Moscow-based firm said in a statement earlier this week. “The Flame malware looks to be another phase in this war, and it’s important to understand that such cyberweapons can easily be used against any country.”
Flame appears to consist of multiple modules and is made up of several megabytes of executable code in total — making it around 20 times larger than Stuxnet, the Internet security firm said.