Iran General NewsFlame virus 'much bigger than Stuxnet'

Flame virus ‘much bigger than Stuxnet’

-

AFP: Iran appears to have been the main target of the attack and the announcement comes just a month after the Islamic Republic said it halted the spread of a data-deleting virus targeting computer servers in its oil sector. By Stuart Williams

MOSCOW (AFP)— A Russian computer firm has discovered a new computer virus with unprecedented destructive potential that chiefly targets Iran and could be used as a “cyberweapon” by the West and Israel.

Kaspersky Lab, one of the world’s biggest producers of anti-virus software, said its experts discovered the virus — known as Flame — during an investigation prompted by the International Telecommunication Union (ITU).

Iran appears to have been the main target of the attack and the announcement comes just a month after the Islamic Republic said it halted the spread of a data-deleting virus targeting computer servers in its oil sector.

Kaspersky said the virus was several times larger than the Stuxnet worm that was discovered in 2010 and targeted the Iranian nuclear programme, reportedly at the behest of Western or Israeli security agencies.

It said the main task of Flame is cyber espionage, meaning it steals information from infected machines including documents, screenshots and even audio recordings. It then sends the data to servers all over the world.

Flame is “actively being used as a cyberweapon attacking entities in several countries,” Kaspersky said in a statement late on Monday. Flame is “one of the most advanced and complete attack-toolkits ever discovered.”

“The complexity and functionality of the newly discovered malicious programme exceed those of all other cyber menaces known to date,” it added.

The origin of the Stuxnet worm has never been made clear but suspicion has fallen on the United States and Israel which both accuse Iran of seeking to build an atomic weapon.

The chief security expert at Kaspersky, Alexander Gostev, said that Iran was the country by far the worst affected by Flame followed by Israel/Palestinian Territories, Sudan, Syria and Lebanon.

“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation state that sponsored the research that went into it,” he said in an analysis article.

He said that the aim of the virus was clearly to “collect information” on the operations of states in the Middle East such as Iran, Lebanon and Syria.

However, like Stuxnet and another previous superworm Duqu, “its authors remain unknown”, he said.

“Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists,” he added.

Without giving any indication that Israeli spy agency Mossad could be involved in Flame, Israel’s Strategic Affairs Minister Moshe Yaalon said such cyberweapons were an important part of the arsenal of Iran’s enemies.

“For anyone who sees the Iranian threat as significant, it is reasonable that he would take different steps, including these, in order to hobble it,” he told army radio.

“Israel is blessed with being a country which is technologically rich, and these tools open up all sorts of possibilities for us.”

Iran swiftly claimed to have come up with an anti-virus programme against Flame. “Tools to recognise and clean this malware have been developed,” Maher, a computer emergency response team coordination centre in Iran’s telecommunications ministry, said on its website.

Iran in April said it had set up a crisis committee to combat a mystery cyber attack which hit computers including ones running its main oil export terminal on Kharg Island in the Gulf.

Kaspersky’s Gostev said it was alarming that the cyber attack was now in its active phase.

“Its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.”

According to Laurent Heslault, security chief of the Symantec firm which makes Norton computer protection software, it is likely that Flame was being used for “highly targeted” attacks.

“The computers affected can be counted by the dozen, maybe hundreds, but no more than that,” he added. “Given its sophistication is clearly sponsored by someone with means.

“Is it a state? Is is the military? Is it paramilitary? It’s hard to say,” he added.

Flame had been “in the wild” for more than two years, since March 2010, Kaspersky said. It gave no clues over which party could have been behind the attack.

Latest news

Water Shortages in Iran Have Become a Chronic Crisis, and Alarm Bells Are Ringing

Statements by Iranian regime officials at the beginning of the summer indicate that water stress has spread across most...

Continued Human Rights Violations In Iran: Security Forces Open Fire On People Celebrating Khamenei’s Death

As the Iranian regime staged the funeral of Ali Khamenei four months after his death, human rights media reported...

Iran’s July 9 Student Uprising Mark 27th Anniversary

Twenty-seven years have passed since July 9, 1999, when the Iranian regime's official security forces and paramilitary groups loyal...

U.S. Military Attacks More Than 90 Targets in Iran

The United States Central Command (CENTCOM) said in a statement that on Wednesday evening, U.S. forces struck about 90...

Amnesty International Challenges Silence Over the Iranian Regime’s Crimes

The bloody crackdown on the January protests in Iran remains unaddressed, and Amnesty International has warned that the continued...

Iranian Regime’s Iraqi Proxy Groups in the Trap of Arrest and the Law

Following the arrest of one of the Iranian regime's proxy operatives in Iraq, who had also been sanctioned by...

Must read

Some in OPEC may push for cut if price drops: Iran

Reuters: Iran's OPEC governor said if oil prices continued...

President defiant as Iran faces new sanctions

Reuters: Iran's president voiced defiance on Wednesday as world...

You might also likeRELATED
Recommended to you