(Ping! Zine Web Tech Magazine) – Yesterday the Internet was rife with reports that several Middle Eastern countries were facing the wrath of an intricate virus known as Flame. The source of the attack? Likely a nation state.
Flame was initially detailed in a blog post from Russia-based security firm Kaspersky Lab. According to the company, the virus acts as a type of Trojan and amounts to 20 MB of data once it has successfully infiltrated a system.
“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on. All this data is available to the operators through the link to Flame’s command-and-control servers,” commented Kaspersky Lab Expert Aleks in yesterday’s post.
While computer systems in a number of countries were reportedly infected, a large majority of them were in Iran, a country known for its contentious stance on nuclear proliferation and often at odds with the West. However, the Islamic Republic is now claiming it has found a solution to what Kaspersky described as “the most sophisticated cyber weapon yet unleashed.”
According to a report from the BBC, the Iranian National Computer Emergency Response Team has claimed to have created a detection and removal solution for the virus. The virus-finding software was allegedly finished earlier this month.
In comments made available through an Associated Press report, Iranian military member Gholam Reza Jalali acknowledged Flame’s existence but downplayed its impact. “This virus penetrated some fields. One of them was the oil sector. Fortunately, we detected and controlled this single incident,” commented Jalali in the AP news story. Jalali also emphasized that affected data could be recovered.
Iran has commonly found itself at the center of virus attacks. A notorious worm known as Stuxnet previously disabled Iranian systems used to operate the country’s nuclear facilities. Last month, Iranian oil systems were brought offline after a breach was detected.