‘Flame’, the world’s ‘most sophisticated cyber weapon’, discovered

Russia-based cybersecurity firm Kaspersky Lab has discovered the world’s largest, most complex, and potentially most dangerous “cyber weapon” ever found. Known as “Flame,” the malware has been detected in machines across the Middle East, with the highest concentration of Flame infections found in Iranian computers, leading experts to believe that the malware is government-created.

At 20 megabytes in size, and with many individual parts, Flame is 20 times larger than either Stuxnet or DuQu, the two pieces of malware previously considered the most dangerous.

According to Alexander Gostev, Kaspersky’s head of Global Research and Analysis, Flame first came to Kaspersky Lab’s attention after the International Telecommunication Union (ITU), a part of the United Nations, requested that Kaspersky look into “an unknown piece of malware which was deleting sensitive information across the Middle East.” Specifically, Flame, which earlier media reports on the mysterious malware referred to as either “Wiper” or “Viper,” was found on computers of the Iranian Oil Ministry and the Iranian National Oil Company.

What Kaspersky’s cybersecurity experts uncovered was “what might be the most sophisticated cyber weapon yet unleashed,” writes Gostev on the Kaspersky blog SecureList. Flame “is a backdoor, a Trojan, and it has worm-like features, allowing it to replicate in a local network and on removable media if it is commanded so by its master,” writes Gostev. Flame gives its operators vast spying capabilities, including the ability to take screenshots, take control of the keyboard, and even record audio over an infected computer’s microphone.

As with Stuxnet and DuQu, the creator of Flame remains a mystery. Based on certain details, however, Kaspersky has narrowed down the choice of candidates to one category: nation states.

“Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states,” writes Gostev. “Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group. In addition, the geography of the targets (certain states are in the Middle East) and also the complexity of the threat leaves no doubt about it being a nation state that sponsored the research that went into it.”

At the moment, a Western government (like the United States) or Israel seems the most likely creator of Flame, given the fact that Iran — considered by some as one of the greatest threats to Israel — is the most-targeted country. Other areas that have Flame-infected computers include the Palestinian territories in Israel, Sudan, Syria, Lebanon, Saudi Arabia, Egypt, Austria, Hungary, Russia, United Arab Emirates, and Hong Kong.

As AFP reports, Israel’s Strategic Affairs Minister Moshe Yaalon issued a statement about Flame, which seems to implicate the Israeli government’s involvement with its development and/or distribution.

“For anyone who sees the Iranian threat as significant, it is reasonable that he would take different steps, including these, in order to hobble it,” he said in an interview with the Israeli army radio. “Israel is blessed with being a country which is technologically rich, and these tools open up all sorts of possibilities for us.”

The exact date of Flame’s release is currently unknown. Gostev says the files that could reveal this information have been updated repeatedly with fake dates, but that they know it has been “out in the wild” since at least February or March of 2010. Wired reports that at least one part of the massive Flame malware appeared on computers in Europe all the way back in December of 2007, and in Dubai at the end of April, 2008.

A number of antivirus firms, including Kaspersky, BitDefender, and Symantec, are currently analyzing Flame. BitDefender has released tools for removing Flame from infected computers, available here. And Iran’s Computer Emergency Response Team has issued a statement, saying that it has created a detector to find the so-called “Flamer” malware on infected machines, as well as a way to remove the invasive bit of code.

To learn more about the Flame spyware, check out Kaspersky’s Q&A here.

Lead image via Ilja Mašík/Shutterstock
