Major state-sponsored data-stealing malware discovered

A major government-funded malware that logs keystrokes, takes screenshots, records audio, and tries to steal data from nearby Bluetooth devices has been discovered, presenting one of the most potent and complex threats to security and privacy to date.

 
Security firm Kaspersky Labs identified the malware, called Flame, which it said has been operating since at least August 2010, if not earlier, targeting computers primarily in the Middle East.
 
Kaspersky Labs had been researching a different threat, called Wiper, which has been deleting data on computers in Western Asia, when Flame was discovered. Since then it has carried out research on the new threat with the United Nations' International Telecommunication Union.
 
Flame is much more sophisticated than most other types of malware, operating more like a toolkit than a single piece of malware. It allows additional “modules” to be added to perform different tasks and effectively monitors and intercepts any kind of communication. It is so advanced that it recognises when email or instant messaging is being used, taking screenshots of what is being typed. It can also record audio of those conversing near the computer and will try to connect to any device in the area via Bluetooth, such as mobile phones, to steal additional data.
 
The malware hit more than 600 specific targets, ranging from individuals to businesses, colleges, and government facilities. Countries included in the attack were Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt, according to the BBC.
 
The security firm said it believed the malware was state-sponsored, as it was far too complex for hacktivists, who tend to use relatively simple forms of attack, such as Distributed Denial of Service and SQL injection. Nor was Flame designed to steal money, which is the aim of most attacks by cybercriminals.
 
This latest threat follows a flurry of recent state-sponsored malware, such as Stuxnet, which took out key nuclear infrastructure in Iran, and its relative Duqu, which stole network data. Kaspersky's chief malware expert, Vitaly Kamluk, said that the level of sophistication and the countries involved in the attack ensure there is “no doubt” that Flame was orchestrated by a nation state, but it is not certain which country is behind it.
 
Kaspersky Labs labelled the malware as “one of the most complex threats ever discovered.” The code is 20MB in size, which might not sound like much, but that is 20 times the size of the powerful Stuxnet virus. The researchers said it could take years to analyse, by which time, of course, the malware may have accomplished its intelligence-gathering mission.
 
Source: BBC