Flame On!


May 31st

An ill wind is blowing. It use to be that we needed to be afraid of the script kiddies trying to penetrate our networks, then we needed to worry about the organised hackers, teaching each other their latest exploits, such as Cult of the Dead Cow, Anonymous or Lulz, but now we have sailed in to dangerous waters.

Over the last few months we are seeing a lot more state sponsored activity. First it was Stuxnet, then Duqu and now the latest FLAME!

Kaspersky Lab has discovered a new Worm/Trojan that they have code named Flame, and named within their Anti-Virus tool, Worm.Win32.Flame.

The investigation in to the new worm was kicked off after the UN’s International Telecommunication Union complained that some new malware was deleting sensitive documents across the Middle East. While investing “Wiper”, the Kaspersky code name for the undiscovered Malware, they stumbled across Flame.

It seems that Flame was from the same authors, or persons working with the original authors of Stuxnet and Duqu. Kaspersky came to this conclusions as the code shared common vulnerabilities and functions as the sister Trojans, with a similar target audidence.

Kaspersky describes the new “super-weapon” as “incredibly sophisticated” and “one of the most complex threats ever discovered”.

Flame is described as a “Back-Door”, a “Trojan” and is described as having “Worm like functionality”. The original delivery mechanism is yet to be discovered, but once on a system it will spread via portable storage and network connectivity.

Leave a Reply

© 2006-2024 Security Enterprise Cloud magazine.