Search for Wiper Malware ‘Inadvertently’ Found Flame

(Ping! Zine Web Tech Magazine) – Search for something smaller and you could stumble upon something much more serious. That’s how things went for security firm Kaspersky when the company was tasked with investigating destructive malware known as “Wiper” by the International Telecommunication Union.

“Wiper” was affecting the oil industry in Western Asia, according to the security firm. Given the momentous task of analyzing the matter, Kaspersky didn’t turn up any credible links to the malware. However, what did turn up was the Flame virus, highly suspected of being launched by a nation state.

“It is our firm opinion that Wiper was a separate strain of malware that was not Flame. Although Flame was a highly flexible attack platform, we did not see any evidence of very destructive behavior. Given the complexity of Flame, one would expect it to be used for long-term surveillance of targets instead of direct sabotage attacks on computer systems. Of course, it is possible that one of the last stages of the surveillance was the delivery of a Wiper-related payload, but so far we haven-t seen this anywhere,” said the company via its Secure List blog.

So did Wiper even exist with Kaspersky finding no such evidence? The security firm emphasized there was “no doubt” that it did. However, it appeared quite intricate. Kaspersky said, “The malware was so well written that once it was activated, no data survived.” Kaspersky also admitted the company may “never find out what Wiper was.”

Kaspersky initially detailed Flame in May, a virus the company referred to as “the most sophisticated cyber weapon yet unleashed.” Flame was also notable for sharing coding with the infamous Stuxnet virus.