Flame, a Super Cyber Weapon, is on the Prowl, Says Kaspersky Lab

May 29, 2012, By Sanjeev Ramachandran

A very sophisticated cyber weapon is on the prowl, which can carry out large scale cyber espionage to steal valuable information from countries and organizations.

Progressing with research initiated on request from the International Telecommunication Union to find out the mystery behind a series of attacks which has wiped data on computers in the West Asia region, the web security analyst firm Kaspersky Lab found this new web threat which the company has codenamed Worm.Win32.Flame.

The worm is more sophisticated and dangerous than known cyber weapons like Stuxnet and Duqu, and can steal computer display contents, contact data, data on network traffic, audio conversations and any documents on the system.

According to the research team, Flame has been in the wild for the last two years, right from 2010. Due to the geography of attacks, use of specific software vulnerabilities, select targeting and extreme complexity in its construction, security software often fails to detect it.

According to experts, Flame indicates the transition phase of cyber weapons from threats like Stuxnet which were known to trigger single chain of attacks to super cyber weapons like Falme which can trigger complex patterns of attack and steal more valuable data.

It is also found that it can replicate over local network utilizing the printer vulnerabilities and USB infection methods.

The malware has multiple modules and carries executable codes which make it to some megabytes size. Presently it is in active phase and the controller, according to experts, is monitoring the infected systems and targeting new systems.

Meanwhile, the malware which has initiated the research that exposed Falme still remains at large. Kaspersky Lab has codenamed it Wiper and is trying to uncover it.

© 2008-2012 DeviceMag.com - All rights reserved | Privacy Policy