A complex computer virus has been pilfering confidential information from computers in the Middle East for at least two years, according to a security report released on Monday.
The virus, called Flame, has
been infecting computers in Iran, Israel, Lebanon, Sudan, Syria, Saudi
Arabia and Egypt. It has been grabbing images of users’ computer
screens, recording their instant messaging chats, remotely turning on
their microphones to record their audio conversations and monitoring
their keystrokes and network traffic, according to a report by Kaspersky Labs, a Moscow-based security research firm.
the report’s findings prove to be true, Flame would be the third major
Internet weapon to have been discovered since 2010. The first, named Stuxnet,
was intended to attack software in specialized industrial equipment,
and was used to destroy centrifuges in an Iranian nuclear facility in
2010. The second virus, called Duqu, like Flame, performed
reconnaissance. Security researchers believe Duqu was created by the
same group of programmers behind Stuxnet.
The researchers said
Flame appeared to have been developed by a different group of
programmers. It contains 20 times more code than Stuxnet and is much
more widespread than Duqu. Researchers believe Duqu hit fewer than 50
targets worldwide. Kaspersky’s researchers said they had detected Flame
on thousands of computers belonging to individuals, private companies
and universities across the Middle East.
“Flame can easily be
described as one of the most complex threats ever discovered,” Alexander
Gostev, the head of Kaspersky’s Global Research and Analysis team,
wrote in a blog post on Monday. “It’s big and incredibly sophisticated.
It pretty much redefines the notion of cyberwar and cyberespionage.”
say they do not know who is behind the virus, but given its complexity
and the geography of its targets, they said it was most likely being
staged by a government. The authors of Stuxnet and Duqu are also unknown
but their targets and digital evidence suggest to some researchers that
they may have been part of a joint American-Israeli project to sabotage
Iran’s nuclear program.
Kaspersky’s researchers said the majority
of computers infected with Flame were located in Iran. Like Duqu and
Stuxnet, Flame infects machines through a known security hole in the
Windows operating software.
Researchers discovered Flame while
investigating reports that another computer virus, called Wiper, had
been erasing computer programs in Iran. The International
Telecommunications Union, a United Nations
agency, had asked Kaspersky’s researchers to look into Wiper when they
discovered that thousands more computers had been infected with Flame.