Cyber-spying just got more advanced: according to researchers at Kaspersky Lab, a piece of software called Flame "might be the most sophisticated cyber weapon yet unleashed". So far Flame infection has been detected in Iran, Israel/Palestine, Syria, Lebanon, Saudi Arabia, and Egypt. Once it infects a computer, Flame can take screenshots, record audio conversations, intercept a keyboard, and more. And the researchers say it's been gathering "sensitive" information across the Middle East.
The discovery of Flame was announced yesterday, but Kaspersky estimates it has been operating since at least February 2010. So far, no one has determined who created the spyware, but Kaspersky's Alexander Gostev has stated that it is most likely the work of a nation state: "the geography of the targets (certain states in the Middle East) and also the complexity of the threat leaves no doubt about it being a nation state that sponsored the research that went into it".
It also appears the software is not targeting a specific organization, as was the case with earlier cyber weapons like Stuxnet, which many believe was designed to target Iran's nuclear weapons program. Instead, the Flame software seems to be "a complete attack toolkit designed for general cyber-espionage purposes", according to Gostev.
Another team of researchers at Hungary's University of Technology and Economics said Flame was able to stay hidden from anti-virus software because it is different from most Trojans, worms and viruses which security programs are designed to detect. It was also programmed to figure out which anti-virus software was running on the computer it was trying to infiltrate and disguise itself as something that wouldn't trigger any alerts.
The researchers examining Flame estimate that a total of 1000 machines have been infected. Iran is the most-targeted country, with at least 189 infections. Today, Iran's Computer Emergency Response Team announced that they have developed tools that will protect against Flame attacks, as well as cleaning up infected machines. But the questions of who created it and why remain unanswered.
Last night, cybercrime expert Misha Glenny was in the red chair, and he discussed the new reality of cyber attacks and the Stuxnet virus:
Related stories on Strombo.com: