So what is flame? It’s a massive, highly sophisticated piece of malware that was infecting targeting systems in Iran, Syria, Lebanon and Sudan for at least two years.
So the malware was initially discovered by Kaspersky, who stated that it dwarfs Stuxnet in size, and it was believed it was wrecking havoc on Iran’s nuclear programs in 2009 and 2010. What’s interesting is this virus was recognized as part of an espionage toolkit, but there was no way to identify these sinister forces as its difficult to find exactly where keyloggers, worms, malware and other viruses originate.
It was found that it was originally utilized to spy on users of infected computers and steal data from them, be it keystrokes, recorded conversations and important government documents.
It’s such a complex piece of malware that Gostev, chief security expert of the time at Kaspersky stated it could take almost 10 years to understand it in its entirety.
However, what was interesting was the spreading mechanisms that are typical with Malware such as Stuxnet were switched off, possibly to avoid accelerated detection by the creator or attackers.
The malware also has no kill date, however the operators can spread a kill module that will eliminate all aspects of the virus, picking up all breadcrumbs left behind.