Dear Visitor,

Our system has found that you are using an ad-blocking browser add-on.

We just wanted to let you know that our site content is, of course, available to you absolutely free of charge.

Our ads are the only way we have to be able to bring you the latest high-quality content, which is written by professional journalists, with the help of editors, graphic designers, and our site production and I.T. staff, as well as many other talented people who work around the clock for this site.

So, we ask you to add this site to your Ad Blocker’s "white list" or to simply disable your Ad Blocker while visiting this site.

Continue on this site freely
You are here: Home / Big Data / Flame Malware Extraordinary at Spying
Stuxnet-Like Flame Malware Extraordinary at Spying
Stuxnet-Like Flame Malware Extraordinary at Spying
By Jennifer LeClaire / NewsFactor Network Like this on Facebook Tweet this Link thison Linkedin Link this on Google Plus
Security researchers have been analyzing a potential new threat over the past few days that has been operating under the radar screen for at least two years. It's a Stuxnet-like malware that researchers are calling Flame and has turned up primarily in the Middle East and Eastern Europe.

We caught up with Bill Morrow, CEO and executive chairman of Quarri Technologies, to get his take on the latest, potentially massive, outbreak that started in Iran. He told us Flame claims to be the most sophisticated piece of malware to date.

"This piece of malware, whose purpose is to steal Relevant Products/Services, keystrokes and recorded conversations, is 20 times bigger than Stuxnet," Morrow said. "Flame appears to have been operating as early as 2010 and created around the same time as Stuxnet and Duqu, providing another example that cyber war and cyber espionage are ongoing concerns for many organizations."

Who Is Targeted?

According to Symantec, the code was not likely to have been written by a single individual but by an organized, well-funded group of people working to a clear set of directives. Certain file names associated with the threat are identical to those described in an incident involving the Iranian Oil Ministry, the firm noted.

"While our analysis is currently ongoing, the primary functionality is to obtain information and data. Initial telemetry indicates that the targets of this threat are located primarily in Eastern Europe and the Middle East," Symantec wrote in its Security Response blog.

Symantec said the industry sectors or affiliations of the individuals targeted are currently unclear, however, initial evidence indicates that the victims may not all be targeted for the same reason. Many appear to be targeted for individual personal activities rather than the company they are employed by.

Avoiding the Attack

Morrow said the best way for companies to avoid these sophisticated attacks such as Flame, Stuxnet and Duqu is to use a layered security strategy. That's because keyloggers, malware and cyberattacks have increased the potential for unauthorized access to, and information theft from endpoints. Having a browser security solution, he added, is imperative to a complete security strategy.

"Sophisticated malware can compromise Web sessions after the data has been decrypted, stealing login credentials as they are entered, transparently redirecting users to hostile sites and mining the session content. User names and passwords from Web sessions remain available in the authentication cache and vulnerable to leakage," Morrow said.

"Stuxnet, Duqu and Flame are great examples of an era in which we now live in where cyber war and cyber espionage are becoming more mainstream and successfully exploiting infected systems. And unfortunately, we can expect to see more of these types of threats grow in sophistication and regularity in the years to come."

Tell Us What You Think


Like Us on FacebookFollow Us on Twitter
© Copyright 2017 NewsFactor Network. All rights reserved. Member of Accuserve Ad Network.