The last time I checked with Google News this morning there were over 19,100,000 results for “flame malware”. You may have heard many stories this week about this complex trojan. Here are links to three of my current personal favorite articles on “Flame”.
- Powerful ‘Flame’ cyberweapon tied to popular Angry Birds game – (Fox News)
- Behind the ‘Flame’ malware spying on Mideast computers (FAQ) – (CNET)
- Flame Malware’s Ties To Stuxnet, Duqu: Details Emerge – (InformationWeek)
Is the Flame malware, otherwise known as Flamer or sKyWIper, likely to affect you personally? For the vast majority of people on the Internet the answer is “no”. For nuclear researchers in the Middle East and leaders of countries such as Iran, Israel and Sudan, the answer is a qualified “yes”.
Malware such as the recent “Flame” shows how cyberespionage and digital attacks have evolved. In years past, malware developers would create code that would spread far and wide and infect any and all computers in its path.
The Flame malware has been referred to by some as “The most sophisticated malware to date”, and while it is quite an impressive piece of espionage spyware, it poses little threat to the common user. In this blog post I am going to go over a quick summary of the technical capabilities of the Flame malware, for anyone who hasn’t already read all the blogs and news articles that have been circulating around the net for the past week. Then I am going to give a quick comparison of its capabilities to those of Stuxnet and Duqu, after which I will tell you why they are nothing alike. Next I will tell you about the real threats: similar malware that is circulating around the net right now that you might not know much about. I will finish it all up with some words of comfort and tell you why you shouldn’t be afraid to surf the net.
Flame Technical Summary
As stated previously, Flame is an impressive malware kit; it is very powerful and pretty unique in the way that it performs some of its operations. First of all, some back-story:
Flame was found by Kaspersky while they were helping the International Telecommunication Union (ITU) track down some malware that was wiping out the file systems of computers in Iran. They didn’t find the exact malware they were looking for, but they found Flame instead. In the same general time frame, CrySyS labs was asked to join an international effort to analyze an as-yet-unknown piece of malware, which they called sKyWIper. Not long after, Kaspersky and CrySyS realized they were working on the same file. Kaspersky researchers discovered that Flame was present not only in Iran but also in the surrounding countries. The malware was found on systems belonging to academic institutions, private companies and specific individuals. Kaspersky believes that Flame might have been in use since March of 2010, which was the same time that Stuxnet was first discovered.