
Sophisticated 'Flame' Malware Discovered

Category: Bugs / Virus
Posted: 10:19AM

Normally the discovery of a computer virus is not big enough news to warrant coverage by large media outlets, but in the past few years there have been some too important not to cover. First it was Stuxnet, a Trojan of uncertain origin that attacked the nuclear facilities in Iran and destroyed equipment there. Another Trojan named Duqu was found later, and it shows a higher level of complexity than Stuxnet, though many believe the two are related. Unlike Stuxnet, though, Duqu has not been activated yet, so no one knows what its purpose is, except for those who wrote it. Now another virus has been found and, like its predecessors, it has been found attacking targets in Iran and the Middle East.

As researchers at Kaspersky Lab analyzed Duqu, they found it had some coding in it that they were not familiar with. After asking for help from the Internet, the solution was found, and it indicated that whoever made the malware is very experienced with programming. This new virus, named Flame, surpasses both Stuxnet and Duqu in complexity and size.

Most computer viruses are small, making it easy for them to go undetected. Duqu and Stuxnet at 500 KB were heavyweights, but Flame comes in at an astounding 20 MB, with one module alone 6 MB in size. Considering the large scope of what Flame can do, this is not entirely surprising. The virus is not only capable of stealing your passwords as it records keystrokes, but it can also activate a computer's microphone and record voices, take screenshots, monitor network traffic, and communicate with Bluetooth devices.

This level of complexity has led every research group that has analyzed it to the same conclusion about Flame's origin. The virus was likely written by a nation-state because the level of expertise required for this piece of malware would necessitate a large budget. Also, as English text was found in the code, the researchers believe it was created by native English speakers. Both Duqu and Stuxnet are alleged to have been made by nation-states, but it has not been conclusively proven.

Comp Dude2 on May 29, 2012 01:18PM
The IT assistant at school was frustrated with the system we used that blocked all attachments over 10Mb stating "when have you ever seen a virus over 10Mb? They should be let through on the basis that they are least likely to be a virus!" So I see there is at least one exception. On a more serious note, this is fairly disturbing that someone has gone to such effort!
