Kaspersky Discovers Massive ‘Flame’ Virus Affecting Iran

(Ping! Zine Web Tech Magazine) – Kaspersky Lab noted on Monday that it had discovered what it says could be “the most sophisticated cyber weapon yet unleashed.”

According to a blog post from the security company, the worm acts as a backdoor trojan affecting middle-eastern countries such as Israel, the Palestinian territories, Sudan, Syria, Lebanon, Saudi Arabia and Egypt. However, a high majority of the attacks are noted to have infected computer systems in Iran, a country known for its contentious stance on nuclear proliferation.

The virus is so massive that it represents 20 megabytes of memory when fully enacted. Components include a scripting language known as Lua along with libraries used for database manipulation and compression.

“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on. All this data is available to the operators through the link to Flame’s command-and-control servers,” stated Kaspersky Lab Expert Aleks regarding the matter.

Kaspersky said that the virus was affecting systems as early as 2010. No specific target for the attack could be found. Among its victims were institutions of education, individual people and government-related branches. The trojan was also notable for not stealing financial data.

While much information on the virus was detailed by Kaspersky, some pivotal questions remain. Exactly who is responsible could not be divulged due to the attack’s sophistication. However, the security company said it likely originated from a nation state or states.

Iran has consistently been the primary target of high-profile cyber-attacks. Stuxnet, another intricate virus was known to have previously infected Iranian systems and in April, the country was forced to take its oil facilities offline following another breach.