Skip to main content

Flame virus a new age cyber spy tool

By Unknown

CNewsworld.com: Flame virus a new age cyber spy tool


SAN FRANCISCO: The Flame computer virus that smoldered undetected for years in Middle Eastern energy facilities confirmed fears that the world has entered a new age of cyber espionage and sabotage.

Internet defenders on Wednesday were tearing into freshly exposed Flame malware (malicious software) that could be adapted to spread to critical infrastructures in countries around the world.

While the components and tactics of Flame were considered old school, the gigantic virus’s interchangeable software modules and targeted nature were evidence that malware is a potent weapon in the Internet era.

“We are seeing much more specific types of malware and attacks,” said McAfee Labs director of security research David Marcus.

“When you talk about a situation where the attacker knows the victim and tailors the malware for the environment it jumps out,” he said. “That speaks to good reconnaissance and an attacker who knows what they are doing.”

Gathering intelligence on targets and then crafting viruses to exploit specific networks as well as the habits of people using them is “certainly in vogue” and is an attack style heralded by the Stuxnet malware, Marcus said.

Stuxnet, which was detected in July 2010, targeted computer control systems made by German industrial giant Siemens and commonly used to manage water supplies, oil rigs, power plants and other critical infrastructure.

Most Stuxnet infections were discovered in Iran, giving rise to speculation it was intended to sabotage nuclear facilities there, especially the Russian-built atomic power plant in the southern city of Bushehr.

Suspicion fell on Israel and the United States, which have accused Iran of seeking to develop a weapons capability under the cover of a civilian nuclear drive. Tehran denies the charges.

“Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide,” said Eugene Kaspersky, founder of Kaspersky Lab, which uncovered Flame.

“The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.”

Flame malware was larger than Stuxnet and protected by multiple layers of encryption.

It appears to have been “in the wild” for two years or longer and prime targets so far have been energy facilities in the Middle East.

High concentrations of compromised computers were found in the Palestinian West Bank, Hungary, Iran, and Lebanon. Additional infections have been reported in Austria, Russia, Hong Kong, and the United Arab Emirates.

Compromised computers included many being used from home connections, according to security researchers who were looking into whether reports of infections in some places resulted from workers using laptops while traveling.

While Stuxnet was crafted to do real-world damage to machinery, Flame was designed to suck information from computer networks and relay what it learned back to those controlling the virus.

Flame can record keystrokes, capture screen images, and eavesdrop using microphones built into computers.

In an intriguing twist, the malware can also use Bluetooth capabilities in machines to connect with smartphones or tablets, mining contact lists or other information, according to security researchers.

“There is lot of intelligence gathering and espionage-like behavior from the malware,” Marcus said. “You can turn that to target any industry you want.

“It looks like the infection spread is specific to Middle East, but malware is indiscriminate in a lot of things so it can jump,” he continued.

Marcus advised companies to not only keep network software up to date but to ratchet up security settings because threats such as Flame are carefully crafted to “fly under the radar.”

For example, Flame reportedly sneaked back out to the Internet by activating a seemingly innocuous Internet Explorer online browsing session.

Geographically targeted cyber espionage and even modular components in viruses have been around for years, Rik Ferguson of security firm Trend Micro said in his blog at countermeasures.trendmicro.eu.

Flame stands out for being a malware behemoth of nearly 20 megabytes and for its use of Bluetooth capabilities, according to Ferguson, who branded the malware a tool, not a weapon.

“You can’t get around the fact that the thing is gigantic,” Marcus said. “Someone went to a lot of trouble to really confound researchers. We are going to be ripping this sucker apart for a long time to figure everything it was doing.” AGENCIES


Facebook

Facebook Recommendations

Followers


Web Designing In Karachi



Haroof.com


Politics blogs

My Zimbio

Email Subscribe

Enter your email address:

Watch online Live TV

Watch online Live TV

Popular posts from this blog

Matric General Group Result SECONDARY SCHOOL CERTIFICATE (S. S. C.) PART - II CLASS - X - 2010 (www.apnieyesp.com )

By Unknown
PASSED THE SECONDARY SCHOOL CERTIFICATE (S. S. C.) PART - II CLASS - X) ANNUAL EXAMINATION, 2010. ERRORS AND OMISSIONS EXCEPTED, CANDIDATES BEARING THE FOLLOWING ROLL NUMBERS ARE DECLARED TO HAVE PASSED THE SECONDARY SCHOOL CERTIFICATE (S. S. C.) PART - II CLASS - X) ANNUAL EXAMINATION, 2010. ------------------------------------------------- GENERAL GROUP (REG&PVT) --- GRADE..'A-ONE' ---- ----------------------- ( CANDIDATES SECURING TOTAL MARKS 680 AND ABOVE) MARKS SECURED BY THE CANDIDATES OUT OF TOTAL MARKS OF 850 ARE MENTIONED AGAINST EACH ROLL NUMBER IN BRACKET --------------------------------------------------- 601086 (689) XXX (XXX) XXX (XXX) XXX (XXX) XXX (XXX) XXX (XXX) 601327 (681) 363 (684) 364 (719) 407 (685) 664 (682) 788 (687) 601836 (692) 882 (683) XXX (XXX) XXX (XXX) XXX (XXX) XXX (XXX) 602315 (723) 316 (715) 320 (712) 321 (739) 325 (686) 326 (702) 602327 (683) 329 (70...
Read more

Updated: 25 best Windows 8 apps available today

By Unknown
CNETAnalysis: Best Windows 8 apps: 1-12 Windows 8 has many interesting new features, but the most important has to be the Store. It’s now easy to enhance your PC with a host of powerful apps – games, multimedia, tools, productivity and more – and these can then automatically be installed on all your other Windows 8 systems in a click or two. You’ll have to find them first, of course, which is something of a challenge, since the Windows Store now has thousands of apps competing for your attention. But don’t worry, we’ve been scouring the latest releases for the hidden gems, so if you’d like to save time and jump straight to the Store highlights then read on for our guide to the best Windows 8 apps currently available. Windows 8 review Windows 8 vs Windows 7: 8 ways it’s different 50 Windows 8 tips, tricks and secrets Windows 8 tablets: what you need to know Making sense of the Windows 8 versions All our ...
Read more

In Depth: Could robots be the writers of the future?

By Unknown
CNETAnalysis: It might be concerned with aliens, outer space and dimensional jumping for now, but ‘sci-fi’ might have to be redefined if the latest advances in automated writing continue apace. Software that can construct sentences, analyse data and even put a ‘spin’ on a news story are threatening to make the newsdesk and the author’s writing room very different places. The end for journalists? Journalism isn’t complicated. The popularity of online news stories can be tracked – and therefore the importance of news easily ranked – while almost everything is written using the inverted pyramid structure . Since automated writing software can already do most of that, are we looking at the last generation of human journalists? Narrative Science’s Quill is the leading automated writing software title. It transforms structured data into readable, plain English stories that are identical to those written by humans, ...
Read more

Labels

Show more