Tuesday, May 29, 2012

Ugly virus Flame attacking computers across Mideast

Complex virus spreadsThere's a nasty virus attacking computers across the Middle East, gobbling up secret information.
The virus, which is believed to have been spreading for at least two years and possibly up to five, is said to be the third-biggest Internet threat since 2010, following Stuxnet and Duqu. While it's affected a relatively small number of machines, possibly around 5,000, it's exceptionally complex.
It's more complex and spreading wider than its predecessors, attacking personal, business and school computers, says a report from Russian security company Kaspersky Labs released yesterday.
Flame has struck countries such as Saudi Arabia, Israel and Syria, among others. And it steals everything from instant messaging conversations to keystrokes.
It has been particularly harsh in Iran, which said today it has developed an anti-virus program to fight it.
Flame, and something similar known as Flamer, is said to be a Trojan with worm-like abilities to spread across a network.
On its official blog, the Symantec security group warns that Flamer is on par with the two very ugly previous threats, Stuxnet and Duqu, which it described as the two most "complex pieces of malware" analyzed to date. Stuxnet attacked an Iranian nuclear plant a few years ago.
It's not known who developed the latest threat, but, according to The New York Times, Kaspersky believes a government may be behind it.
"As with the previous two threats, this code was not likely to have been written by a single individual but by an organized, well-funded group of people working to a clear set of directives," Symantec said.
"Certain file names associated with the threat are identical to those described in an incident involving the Iranian Oil Ministry."

Flame virus 'has infected 189 systems in Iran'

The most sophisticated computer virus the world has ever seen has infected 189 systems in Iran as part of its intelligence gathering functions, experts said.

Graphic showing the number and location of Flame infections, a malicious software virus infiltrating the Middle East
Image 1 of 2
Graphic showing the number and location of Flame infections, a malicious software virus infiltrating the Middle East
 
Figures released by the Kaspersky Lab show that infections by the programme were spread across the Middle East with 98 incidents in the West Bank, 32 in Sudan and 30 in Syria.
Other countries where the virus was detected include Lebanon, Saudi Arabia and Egypt.
Unlike the Stuxnet virus that was previously used to disrupt Iranian systems, Flame does not disrupt or terminate systems, Professor Yitzhak Ben Yisrael, the former head of the Administration for the Development of Weapons and the Technological Industry told an Israeli newspaper.
"According to Ben Yisrael, while the source of the software is unknown, 'its aim is clear – collecting intelligence. The professor added that the spyware acts like a worm, jumping from one computer to another, and that it is impossible to locate the destination of the data that was copied," Yediot Ahronot said.
The Russian-based internet security firm says a powerful computer virus with unprecedented data-snatching capabilities has attacked machines in Iran and elsewhere in the Middle East.

World’s most complex computer virus, Flame, discovered by Russia
The world
The world's most complex computer virus, possessing a range of complex espionage capabilities, has been discovered by Russian experts.
Cyber security experts have exposed the world's most complex computer virus possessing a range of sophisticated espionage capabilities, which has sought to steal data from computers in Iran and other Middle East countries.
The computer virus, known as Flame, was discovered by Kaspersky Lab, a Russian cyber security software maker that took credit for detecting the malicious computer code, Reuters reported.
Kaspersky researchers have said they did not fully understand the scope of the 20-gigabyte virus, adding that its code was 100 times the size of the most malicious software.
The Russian researchers noted that targets of the malware appeared to be in Iran, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats.
Experts say Flame is 20 times more powerful than the Stuxnet virus, which struck Iran months ago.
Stuxnet, first indentified by the Iranian officials in June 2010, is a malware designed to infect computers using a control system favored by industries that manage water supplies, oil rigs, and power plants.
In July 2010, media reports claimed that Stuxnet had targeted industrial computers around the globe, with Iran being the main target of the attack. They said the country's Bushehr nuclear power plant was at the center of the cyber attack.
However, Iranian experts detected the virus in time, averting any damage to the country's industrial sites and resources.
 

Flame virus: who is behind the world's most complicated espionage software?

Flame, a newly-discovered computer virus built for espionage has been named as the most complicated piece of malicious software ever created, and speculation as to who is behind it is sweeping the web.

Iran's presdient, Mahmoud Ahmadinejad visiting the Natanz Uranium Enrichment Facility in April 2008 - An election campaign built on terrorism? Welcome to Iran
Iran's presdient, Mahmoud Ahmadinejad, visiting the Natanz Uranium Enrichment Facility, target of Stuxnet Photo: AP
Eugene Kaspersky, the founder of Kaspersky Lab, one of the security organisations that have investigated Flame since its discover earlier this month, is sure of at least one thing.
Other experts already agree that the complexity of the software and its espionage-specific capabilities strongly suggest a state intelligence agency is responsible.
Reuters journalist Jim Finkle notes that Kaspersky Lab has suggested the team that created the Stuxnet virus, which was designed to cause phiysical damage to the Iranian nuclear programme, may be behind Flame.