Tehran admits being targeted by what could be most sophisticated malware yet; computer experts say only country capable of developing such complex virus
Iranian authorities have admitted that malicious software dubbed Flame has attacked it, and instructed to run an urgent inspection of all computer systems in the country.
While no one knows who is behind “the most sophisticated virus of all times,” the bottom line, computer experts say, is that only a state could have developed such a complex virus.
Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.
Moscow-based Kaspersky Lab, one of the world’s largest data protection companies, was the first to discover the new malware. However, researchers are still unsure about its scope, because it has about 100 times as much code as a typical virus designed to steal financial information.
Iran hit the hardest
Researchers at Kaspersky estimated that around 5,000 personal computers around the world have been infected by the virus, Iran being hit the hardest, with 189 infected computers, followed by Israel and the Palestinian territories (98 computers), Sudan (32), Syria (30),Lebanon (18), Saudi Arabia (10) and Egypt (5).
The researchers further estimated that the virus was developed by a country that allocated a significant budget for its development, which might be linked to cyber warfare.
“Unlike the Suxtent virus that attacked in Iran, this is a spyware that doesn’t disrupt or terminate systems, Professor Yitzhak Ben Yisrael, the former head of the Administration for the Development of Weapons and the Technological Industry said.
According to Ben Yisrael, while the source of the software is unknown, “its aim is clear – collecting intelligence.” The professor added that the spyware acts like a worm, jumping from one computer to another, and that it is impossible to locate the destination of the data that was copied.
Another expert noted that the virus was extremely invasive, and was not created by a bored teenager, but rather by a sophisticated programmer.
Flame could be the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran’s nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.
Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and employ a similar way of spreading.
That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame.
By Yoav Zeitun