Home

New computer malware ‘Flame’ targeting Iran

1 Jun 2012

The discovery of a malicious computer program that appears to be collecting sensitive information from Iran and others indicates the global cyberwar has moved to a new level, warn security experts.

Kaspersky Labs, the Russian internet security company that discovered the malware, codenamed Flame, said it was more complex and sophisticated than any of the cyberweapons it has seen to date. “The Flame malware looks to be another phase in this war,” said Eugene Kaspersky, co-founder of Kaspersky Lab.

At the end of April, computers at Iran’s oil ministry were reported to have been attacked by hackers, and experts at Symantec, the US IT security company, said on Monday that parts of the Flame program were identical to the malware used in that attack. The incident was played down by the government at the time and it was unclear if any data was lost.

Earlier this year the head of Iran’s Civil Defence Organisation had also said that the country’s energy sector had been subject to an increasing number of cyberattacks over the past two years. Flame is thought to have been in operation since 2010.

New espionage “malware” discovered

The Stuxnet virus raised widespread panic when it was discovered in 2010, because it was believed to have caused physical damage at Iran’s nuclear facilities, the first known computer worm to target industrial controls. While Flame is not thought to have caused this kind of damage, it appears to be able to spy on organisations in a number of ways, including switching on microphones attached to a computer to record conversations and sounds.

Orla Cox, senior security operations manager at Symantec, said the code was likely to have been written by a nation state. “It is very professionally written and does not even look like a piece of malware. We suspect there is some nation state involvement because of the funding you would need to have behind this.”

Apart from anything else, she said, the amount of information being collected by the program was so vast, it would require large resources to sift through it all. “This is a fully-featured spying program that is grabbing anything it can,” Ms Cox said.

Only a few hundred individuals appear to have been affected by the malware, Ms Cox said, and security experts were still trying to see whether there was any link or pattern to those affected.

Stuxnet and Duqu, another malware program, are widely believed to have been created by the US and Israeli governments, although neither country has confirmed their involvement.

Iran’s armed forces have created a special unit to defend the country against computer attacks, which works closely with the defence, telecommunications and intelligence organisations.

(Financial Times)

 
Tehran Review
کلیدواژه ها: , , | Print | نشر مطلب Print | نشر مطلب


What do you think | نظر شما چیست؟

عضویت در خبرنامه تهران ریویو

نشانی ایمیل

Search
Most Viewed
Last articles
Tags
  • RSS iran – Google News

  • video
    کوچ بنفشه‌ها

    تهران‌ریویو مجله‌ای اینترنتی، چند رسانه‌ای و غیر انتفاعی است. هدف ما به سادگی، افزایش سطح گفتمان عمومی در مورد ایده‌ها، آرمان‌ها و وقایع جهان امروز است. این مشارکت و نوشته‌های شما مخاطبان است که کار چند رسانه‌ای ما را گسترش داده و به آن غنا و طراوت می‌بخشد. رایگان بودن این مجله اینترنتی به ما اجازه می‌دهد تا در گستره بیشتری اهداف خود را پیگیری کرده و تاثیرگذار باشیم. مهم‌تر از همه اینکه سردبیران و دست‌اندرکاران تهران‌ریویو به دور از حب و بغض‌های رایج و با نگاهی بی‌طرفانه سعی دارند به مسایل روز جهان نگاه کرده و بر روی ایده‌های ارزشمند انگشت بگذارند. تهران ریویو برای ادامه فعالیت و نشر مقالات نیازمند یاری و کمک مالی شماست.