The Flame malware has been referred to by some as “The most sophisticated malware to date” and, while it is quite an impressive piece of espionage spyware, it poses little threat to the common user. In this blog post I am going to go over a quick summary of the technical capabilities of the Flame malware, for anyone who hasn’t already read all the blogs and news articles that have been circulating around the net for the past week. Then I am going to give a quick comparison of its capabilities to those of Stuxnet and Duqu and tell you why they are nothing alike. After that, I will tell you about the real threats: similar malware that is circulating around the net right now and that you might not know much about. I will finish it all up with some words of comfort and tell you why you shouldn’t be afraid to surf the net.
Flame Technical Summary
As stated previously, Flame is an impressive malware kit; it is very powerful and pretty unique in the way that it performs some of its operations. First of all, some back-story:
Flame was found by Kaspersky while they were helping the International Telecommunication Union (ITU) track down some malware that was wiping out the file systems of computers in Iran. They didn’t find the exact malware they were looking for, but they found Flame instead. In the same general time frame, CrySyS labs was asked to join an international effort to analyze an as-yet-unknown piece of malware, which they called sKyWIper. Not long after, Kaspersky and CrySyS realized they were working on the same file. Kaspersky researchers discovered that Flame was present not only in Iran but also in the surrounding countries. The malware was found on systems belonging to academic institutions, private companies and specific individuals. Kaspersky believes that Flame might have been in use since March of 2010, which was the same time that Stuxnet was first discovered.