Wednesday, June 13, 2012

Cyber attack "The Flame"

As I already expect, the war between nations get into a new dimension; the cyber war. Even-though it happens all over the world for last few years the horrible face of this war was clearly identified in May 2012. The Flame.... a symbol of cyber war... a mile stone in virus history... a headache to the governments and antivirus technologists... THE FLAME. It is not a flame of fire, it is a monsoon of fire....Flame Virus (1)As usual Flame also attacks computers running the Microsoft Windows operating system. It can spread to other systems over a local network (LAN) or via USB stick. It can record audio, screenshots, keyboard activity and network traffic as usual key-loggers; but it has some more advanced and unbelievable features to steal data from the target. The program records Skype conversations and can turn infected computers into Bluetooth beacons which attempt to download contact information from nearby Bluetooth-enabled devices. Flame has the facility to turn on microphone to record the conversations. This data, along with locally stored documents, is sent on to one of several command and control servers that are scattered around the world. The program then awaits further instructions from these servers.

Flame Virus (3)According to estimates by Kaspersky in May 2012, Flame had infected approximately 1,000 machines, with victims including governmental organizations, educational institutions and private individuals. At that time the countries most affected were Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt, with a "huge majority of targets" within the first.[8] Flame has also been reported in Europe and North America. Flame supports a "kill" command which wipes all traces of the malware from the computer. Flame stopped operating after its public exposure, and the "kill" command was sent.

Flame Virus (2)Now the creators of the world's most complicated espionage virus, Flame, have sent a ‘suicide' command that removes it from some infected computers. Security firm Symantec caught the command using booby-trapped computers set up to watch Flame's actions. According to Symantec, the ‘suicide' command was “designed to completely remove Flame from the compromised computer,” the BBC reports. The command located every Flame file sitting on a PC, removed it and then overwrote memory locations with gibberish to thwart forensic examination. “It tries to leave no traces of the infection behind,” Symantec wrote on its blog.Flame Virus (4)Flame came to light last week after the U.N.'s telecom body asked for help in spotting a virus found stealing data from many PCs in the Middle East. Analysts who have investigated the virus said Flame, also called Skywiper, was one of the most complex computer espionage threats ever seen.

Blog Widget by LinkWithin


Post a Comment


Twitter Delicious Facebook Digg Stumbleupon Favorites More