It seems that super-complex computer malware is fast becoming the weapon of choice for governments around the world. The Russian anti-virus firm Kaspersky has revealed the existence of a new piece of malware it calls, one of the most complex threats ever discovered. The so-called Flame malware is believed to have been operating since August 2010 at least.

The last of this breed of malware was the Stuxnet worm that was designed to damage the equipment in Iranian nuclear facilities. Flame, on the other hand, is not designed to cause damage to vital system, but to gather a huge amount of data silently. An infected system will begin monitoring network traffic, taking screenshots, recording audio from the system microphone, and logging keystrokes. All this is done very carefully to avoid detection.

Flame is not as single-purpose as Stuxnet, but is far from a wide-scale infection. The 20MB virus has been detected on about 600 systems belonging to individuals, businesses, schools, and government agencies. The Flame malware is about 20 times larger than Stuxnet was, making it very difficult to analyze, but researchers feel confident that this threat was designed with government backing. The question of which government is currently up in the air.

Nations that have been targeted by the malware include Syria, Egypt, Israel, Iran, Sudan, and Saudi Arabia. Though, Iran was hit the hardest by far. Unfortunately, that group of targets does not narrow down the perpetrator much; those countries are of interest to many intelligence agencies around the world.

Kaspersky is careful to point out that while August 2010 is the earliest confirmed instance of Flame, it could have been operating even before that. Because this malware is modular, it could continue to evolve long into the future.

via BBC

View original post here:

Kaspersky discovers super-complex Flame malware