Flame is a malware threat that is tearing through computer systems across the Middle East and in Africa, leaving devastation in its wake. Experts claim that Flame is one of the most sophisticated viruses that has ever been discovered. It targets computers running the Microsoft Windows operating system and stems from targeted cyber espionage.
Flame has many different libraries for compression and data manipulation, and it implements security algorithms as well as a Lua virtual machine, Kaspersky said. The file is about 20 MB in size and is an incredibly complex virus.
The worm’s sole purpose is to collect information on operations in the Middle East. It attacks systems without distinction. Victims include individuals, educational institutions and state organizations. Infected systems keep records of all visuals, audio, and keystrokes. It then sends the information to a remote location. Flame is also capable of retrieving information from nearby machines via a local network or USB drive.
Since there are many programs with similar lines of code, it’s hard for experts to track the malware and its progress. There’s speculation that it’s related popular worms that have been on the rise, but Kaspersky claims that while the worms share many similar elements, they have no relation to Flame.
“Yes, it is a highly modular piece of code with many components, but that doesn’t equate to the conventional term of complexity with regard to threats,” Jaroch of Webroot said. Furthermore, while Flame uses different algorithms, “none of them are challenging,” Jaroch said. They’re “significantly outdated and easily broken automatically by current security technology.”
Experts are unsure whether or not Flame poses a threat to the general public, as most antivirus software is capable of detecting and stopping pieces of the malware. The true problems lies with the overly- complex nature of the malware. Webroot “automatically developed a solution in 2007 … and it would not be difficult for Iran to develop a solution either in our opinion.”