According a post on the Trend Micro blog TrendLabs, there’s an information stealing malware known as Flame that has been traversing Iran and other countries since 2010.
Considered one of the most sophisticated forms of malware around, Flame can steal computer display contents, stored files, and capture recording audio and screen shots via the microphone of an affected computer.
Trend Micro detects this malware as WORM_FLAMER.A. Kaspersky Lab, which discovered the malware during an investigation prompted by the International Telecommunication Union, detects the Flame malware as Worm.Win32.Flame. Despite that, the malware has gone undetected for the past two years because of its complexity and the focused nature of its attacks, which, according to Kaspersky, prevented security software programs from detecting it.
“The risk of cyber warfare has been one of the most serious topics in the field of information security for several years now,” said Kaspersky Lab co-founder and CEO Eugene Kaspersky in a press release on the Kaspersky website. “It’s important to understand that such cyber weapons can easily be used against any country. Unlike conventional warfare, the more developed countries are actually the most vulnerable in this case.”
According to the Kaspersky press release, the Flame malware’s primary purpose is cyber espionage. It steals information from the machines its infected and then sends the information to a “network of command-and-control servers located in many different parts of the world.” Kaspersky’s investigation discovered that Flame can also “replicate over a local network using several methods, including shared printer vulnerability and removable devices such as USB drives.