Kaspersky Labs have uncovered a massive cyber attack codenamed the ‘Flame’, which has been operating since 2010. They say it has collected private data from countries such as Israel and Iran.
Kaspersky spoke to BBC news this afternoon and they said the malware was ‘state sponsored’, but weren’t sure of the origins. They said the Flame was one of the most complex threats ever discovered. The previous targeted malware, called Stuxnet targeted the nuclear infrastructure in Iran.
This new threat is designed to gather a lot of sensitive information, according to Kaspersky’s malware expert Vitaly Kamluk.
He said “Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on.”
He claims that more than 600 targets were hit including businesses, academic institutions and government systems and individuals.
It is so serious that the Iranian National Computer Emergency Response Team posted a security alert which said that they believed the Flame was responsible for ‘recent incidents of mass data loss’.
Kamluk from Kaspersky says that the sophistication of the attack would suggest that it has been government backed and likely not the work of independent cybercriminals, although he can’t prove it. Yet, anyway.
He said “Currently there are three known classes of players who develop malware and spyware: hacktivists, cybercriminals and nation states.
Flame is not designed to steal money from bank accounts. It is also different from rather simple hack tools and malware used by the hacktivists. So by excluding cybercriminals and hacktivists, we come to conclusion that it most likely belongs to the third group.”
Kitguru says: Another government funded piece of malware code? Imagine all the things we never hear about.