Meet ‘Flame’, the massive spy malware infiltrating Iranian computers

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

Meet ‘Flame’, the massive spy malware infiltrating Iranian computers
Botnet Flame
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2012 / 28 mai 2012
Editor/Conference
Link http://www.wired.com/threatlevel/2012/05/flame/ (Archive copy)
Author Kim Zetter
Type

Abstract

A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation.

The malware, discovered by Russia-based anti-virus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years.

Dubbed “Flame” by Kaspersky, the malicious code dwarfs Stuxnet in size – the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran’s nuclear program in 2009 and 2010. Although Flame has both a different purpose and composition than Stuxnet, and appears to have been written by different programmers, its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals — marking it as yet another tool in the growing arsenal of cyberweaponry.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1015,
   editor = {},
   author = {Kim Zetter},
   title = {Meet ‘Flame’, the massive spy malware infiltrating Iranian computers},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{http://www.wired.com/threatlevel/2012/05/flame/}},
 }