Meet 'Flame'- The Most Sophisticated Cyber Weapon!
According to Kaspersky Lab, the Flame malware is suspected to be sponsored by nation-states given the level of complexity, research and the geography of the targets with special focus on certain states in the Middle East.
Remember Duqu? The infamous Stuxnet virus that wreaked havoc on Iran's nuclear programme. The cyber warfare in the Middle East is heating up each day and a new species of worm- Flame, took birth recently. The Flame cyber espionage worm has affected major Middle East countries like Iran, Lebanon, Syria, Israel, Sudan, Egypt and Saudi Arabia. In India, till now, only one Flame infection was detected by Kaspersky Lab experts. The experts mentioned that from India's point of view, the infection will not spread as it can replicate itself to a limited neighbourhood machines.
"Flame is much more complex than Duqu and is a sophisticated attack toolkit. Armed with the lethality of a backdoor and a Trojan, it has worm-like features too, which replicates in a local network and on removable media as instructed," said Aleks Gostev, chief security expert, Global Research and Analysis Team, Kaspersky Lab.
"The entry point of Flame is still unknown while once it is in the system it starts monitoring network traffic, take screenshots, record audio conversations, intercept the keyboard, and much more. The data is then made available to the operators through the link to Flame's command-and-control servers. The operators can choose to upload further modules, which expand Flameâ€™s functionality," said Gostev.
The Flame malware is made up of several modules and the one of the main modules responsible for attacking and infecting other systems is named Flame. The Flame malware is suspected to be sponsored by nation-states given the level of complexity, research and the geography of the targets with special focus on certain states in the Middle East. Just like Stuxnet and Duqu, there is no specific information in the code that points Flame to any specific nation state, added Gostev.
Flame is sniffing for any kind of intelligence including e-mails, documents, messages, discussions inside sensitive locations. It has the ability to take screenshots of any application that seems interesting like messengers, etc. The screenshots are stored in a compressed format and are regularly sent to the command and control server, similar to audio recordings.