Dark Fiber: Flame (The Malware)

~ Alan Ch

Flame-Infection-Map_Kaspersky-660x429This is a map back in 2012 showing the amount of Flame infections discovered on customer machines.

So what is flame? It’s a massive, highly sophisticated piece of malware that was infecting targeting systems in Iran, Syria, Lebanon and Sudan for at least two years.
So the malware was initially discovered by Kaspersky, who stated that it dwarfs Stuxnet in size, and it was believed it was wrecking havoc on Iran’s nuclear programs in 2009 and 2010. What’s interesting is this virus was recognized as part of an espionage toolkit, but there was no way to identify these sinister forces as its difficult to find exactly where keyloggers, worms, malware and other viruses originate.

It was found that it was originally utilized to spy on users of infected computers and steal data from them, be it keystrokes, recorded conversations and important government documents.

It’s such a complex piece of malware that Gostev, chief security expert of the time at Kaspersky stated it could take almost 10 years to understand it in its entirety.

However, what was interesting was the spreading mechanisms that are typical with Malware such as Stuxnet were switched off, possibly to avoid accelerated detection by the creator or attackers.

The malware also has no kill date, however the operators can spread a kill module that will eliminate all aspects of the virus, picking up all breadcrumbs left behind.

2 thoughts on “Dark Fiber: Flame (The Malware)

  1. Crazy interesting the way you tied the slightly more mundane concepts of data retention and the net resisting deletion and combined it with the ‘when hacking goes bad’ discussion through the hackers specifically going after this information. Weirdly makes me think back and question my own action when hacking into computer security systems as characters in videogames…

    Liked by 1 person

    Reply

  2. An incredibly interesting article you wrote here Alan. It really highlights the potential dangers that come about due to our high utility and reliance on the internet, with computer viruses being able to spread for the malicious intent of others. With the ease that Flame managed to travel, it definitely raises alarms and also scares me to no end. It’s also scary how Kasparsky can’t directly deal with the issue, but rather only clean up the issue. Are you aware of any current news regarding this issue and how it turned out?

    Like

    Reply

Leave a comment