Powerful "Flame" cyber weapon found in Middle East

[Hanna 1]

Security experts have discovered a new data-stealing virus dubbed "Flame" they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.
It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab's work were made available on Monday.

Powerful "Flame" cyber weapon found in Middle East - Technology & science - Security - msnbc.com

 

[Britton30]

Thanks, I was just going to post this as well. A different article by the same writer. http://finance.yahoo.com/news/powerful-flame-cyber-weapon-found-135931201.html

 

[A Guy]

Researchers Identify Stuxnet-like Cyberespionage Malware Called 'Flame' | PCWorld

A Guy

 

[UsernameIssues]

Meet ‘Flame,’ The Massive Spy Malware Infiltrating Iranian Computers

The researchers say they don’t know yet how an initial infection of Flame occurs on a machine before it starts spreading. The malware has the ability to infect a fully patched Windows 7 computer, which suggests that there may be a zero-day exploit in the code that the researchers have not yet found.

Flame appears to have been operating in the wild as early as March 2010, though it remained undetected by antivirus companies.

Source: Wired

edit - thanks for moving my post to this thread - I did a forum search but failed to find mention of the story.

 

[James7679]

...still on vacation, but with all the rain, I've had some reading time. Biggest point of this is; between Flame and Stuxnet both being, what, 5 years old...
You gotta wonder, what's been planted since?

Great reading.

 

[A Guy]

UPDATED: Cyber Espionage Reaches New Levels with Flamer

Removal Tool in link

Download the 32-bit or
the
64-bit
removal
tools and find out if you’re infected with Flamer, the world’s
most discrete and dangerous piece of malware ever. If you are already protected by a Bitdefender security solution, you do not need to run the removal tool.

Update 2: As we’re digging into Flamer.A, new details about the piece’s modus operandi surface. The team working on it have uncovered that several components use an internal list called NetworkTypeIdentifier. This list references high-profile web sites such as *.overture.* , *.gmail.*, *.hotmail.* , *.bbc.co.* , *.bbc.co.* that are probed in order to get information about the bandwidth capabilities of the connection. However, the list also references three Iranian websites (*.baztab.* , *.maktoob.* , *.gawab.*) , which confirms once again that Iran was one of the designated targets.

Closer inspection of the EUPHORIA module revealed that it controls the spreading mechanism via USB sticks. The USB spreading capabilities are re-enforced with a secondary component called AUTORUN_INFECTOR that is being used to exploit the operating system’s Autorun feature.
[fragment of the configuration file for the EUPHORIA module]
EUPHORIA.PayloadNamesList.1.data.PayloadName string Lss.ocx
EUPHORIA.PayloadNamesList.2.data.PayloadName string System32.dat
EUPHORIA.PayloadNamesList.3.data.PayloadName string NtVolume.dat

Source

Everything You Need to Know About Flamer.A – World’s Most Sophisticated Cyber-Weapon

In 2010, the world stopped spinning for a moment, as evidence of a highly complex piece of malware hitting a nuclear research facility in Iran started to emerge. Two years later, the discovery of another e-threat shows that the team behind Stuxnet and Duqu had another offspring that was even more complex and persistent.

Source

A Guy

 

[jeepmann4x4]

Is Israel behind the Flame cyber-attack? - Yahoo! News

 

[Britton30]

And yet another... http://us.norton.com/flamer-highly-...ticle?om_em_cid=hho_email_r_outbreak_a_nam_us

 

[Hanna 1]

Computer virus briefly hits Iran's oil industry

TEHRAN, Iran (AP) — Iran's key oil industry was briefly affected by the powerful computer virus known as "Flame" that has unprecedented data-snatching capabilities and can eavesdrop on computer users, a senior Iranian military official said Wednesday.

Computer virus briefly hits Iran's oil industry - Yahoo! News

 

[cyclic]

Brilliant, such a dangerous weapon it sat on computers for 5+ years doing nothing, not even alerting anyone to it's potential existance. Flame? no, damp squibb.

 

[Britton30]

It's surprising it was discovered I think since Flame and variants targeted Oil production, power plants, weapons, plutonium inventories, and nuclear facilities.

 

[Hanna 1]

FLAMES NEWS
Was Flame virus written by cyberwarriors or gamers?
Why would super-secret spy software be written in a video game language? As security researchers continue to unpack the digital mystery that is the Flame virus, that's just one question looming over perhaps the world's most intriguing digital whodunit.
READ MORE
Red Tape - Was Flame virus written by cyberwarriors or gamers?

So, TAKE CARE GAMERS

 

[Brink]

Israel: Don't blame the Flame cyberattack on us

The Flame worm has put the Middle East and neighboring regions on high alert and caused several security experts to look for the source. And although some media reports have linked Israel to the attack, the country has denied all involvement.

Read more at:
Israel: Don't blame the Flame cyberattack on us | Security & Privacy - CNET News

 

[Hanna 1]

Flame Virus Looms in Debate Over Regulation of Internet
The Flame computer virus unleashed in Iran and other Middle Eastern countries is being described as unusually large and powerful. Some experts, though, are questioning the seriousness of the threat

The Chosun Ilbo (English Edition): Daily News from Korea - Flame Virus Looms in Debate Over Regulation of Internet