Thursday, September 12, 2024

New In-the-Wild Malware Linked to State-Sponsored Flame Targeting Iran

Datamation content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More.

Ars Technica: Security researchers from Symantec and Kaspersky Labs have published a joint report which sheds a great deal of new light on the Flame malware. Notably, they have discovered that the command and control servers behind Flame also supported three other pieces of malware, one of which is currently in circulation. They also found the names or code-names for four of the malware creators, as well as evidence that those creators began working on the code as early as 2006. In addition, they discovered that just one Flame server collected 5.5 GB of data from its targets over an eight-day period. “That’s pretty staggering,” said Symantec’s Vikram Thakur. “If the attackers actually continued their operations in a similar manner or with high frequency over the past five years they probably have terabytes of information collected from pretty much whoever they chose. That’s a lot of information that they could make use of. That would be every target’s life history a few times over.”

The report concludes, “These features are not normally found in malware created by everyday cyber-criminals, reaffirming our initial conclusions that Flame is a nation-state sponsored attack.”

Subscribe to Data Insider

Learn the latest news and best practices about data science, big data analytics, artificial intelligence, data security, and more.

Similar articles

Get the Free Newsletter!

Subscribe to Data Insider for top news, trends & analysis

Latest Articles