« Back

Sophisticated Espionage Malware Toolkit Spreading Through Iran, Middle East

A malware infection thought to be created by the same party responsible for 2010’s Stuxnet worm, is carefully coursing through computer systems in Iran and other parts of the Middle East. Security vendor Kaspersky Lab discovered the Flame virus—which it describes as highly sophisticated malware that is part of an espionage toolkit—after the United Nations’ International Telecommunications Union requested help with computer infections targeting Iran’s oil ministry. Flame targets carefully selected computers, steals data, and opens a backdoor to infected systems that the hacker can use to update the malware. Flame contains multiple modules—one of which records conversations taking place either via Skype or near the computer. Researchers say they may need a decade to analyze the complex malware. Kaspersky found Flame primarily in Iran but also in other nations in the Middle East and North Africa. Some experts say the toolkit originated in the area about March 2010, while others suspect it was released in 2007. “Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections, and its behavior indicate strongly that a nation-state is behind Flame, rather than common cybercriminals,” notes Wired’s Kim Zetter. Stuxnet infected and damaged Iranian nuclear-processing facilities. (Wired)(Securelist)

 

Comments
Trackback URL: