The Flame: questions and answers

(Publication) Google search: [1]

The Flame: questions and answers
Botnet	Flame
Malware	Flame (bot)
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date	2012 / 28 mai 2012
Editor/Conference	Kaspersky lab
Link	http://www.securelist.com/en/blog/208193522/The Flame Questions and Answers (Archive copy)
Author	Alexander Gostev
Type

Abstract

“ Duqu and Stuxnet raised the stakes in the cyber battles being fought in the Middle East – but now we’ve found what might be the most sophisticated cyber weapon yet unleashed. The ‘Flame’ cyber espionage worm came to the attention of our experts at Kaspersky Lab after the UN’s International Telecommunication Union came to us for help in finding an unknown piece of malware which was deleting sensitive information across the Middle East. While searching for that code – nicknamed Wiper – we discovered a new malware codenamed Worm.Win32.Flame.

Flame shares many characteristics with notorious cyber weapons Duqu and Stuxnet: while its features are different, the geography and careful targeting of attacks coupled with the usage of specific software vulnerabilities seems to put it alongside those familiar ‘super-weapons’ currently deployed in the Middle East by unknown perpetrators. Flame can easily be described as one of the most complex threats ever discovered. It’s big and incredibly sophisticated. It pretty much redefines the notion of cyberwar and cyberespionage.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1014,
   editor = {Kaspersky lab},
   author = {Alexander Gostev},
   title = {The Flame: questions and answers},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2012},
   howpublished = {\url{http://www.securelist.com/en/blog/208193522/The_Flame_Questions_and_Answers}},
 }