Huffpost Technology

'Cyber Superweapon' Is Largest And Most Malicious Ever Discovered

Posted: Updated:

Two security firms have announced the discovery of a cyber weapon which is said to be larger, more damaging and more malicious than any found before.

The malware can attack and steal data, and even record sound from a microphone and send it back to the attacker.

Potentially the malware could enable whoever controls it to bug virtually any room with an infected computer.

Not just government agencies have been attacked, researchers said.

Individuals, businesses, educational institutions and other individuals have been attacked.

Security firm Symantec said, the discovery of the malware, known as Flame - is "one of the most complex, the most sophisticated threats we've ever seen".

Orla Cox, senior manager at Symantec Security Response, told the Huffington Post that the level of professionalism involved in the massive attack "is not something we've seen before".

"I think it would hard to say that anyone other than a nation state would be behind it," Cox said. "You're looking at a well organised well funded group."

More: Symantec senior manager talks to the Huffington Post about Flame

Kapersky Lab said that the "highly sophistacted" programme is collecting private information from countries including Israel and Iran, and has been operating since at least March 2010.

Countries with developed infrastructure - including the UK - are thought to be most vulnerable to the weapon which has reportedly hit more than 600 specific targets.

Others known to have been affected include Sudan, Syria, Lebanon and Saudi Arabia.

It is thought that the "super-cyberweapon" is under the control of a government - but it is not known who, and why they are taking such aggressive action.

Kaspersky said the malware was found during a routine investigation prompted by the International Telecommunication Union (ITU).

Known as Worm.Win32.Flame, the malware can "steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and even audio conversations" the company said.

Malware such as Flame has been used by governments in the past to disable weapons systems and spy on sensitive data.

One of the most famous was Stuxnet, a complex virus used to infiltrate and target nuclear weapons development sites in iran.

But Kaspersky Lab said that "due to its extreme complexity, plus the targeted nature of the attacks" no security software was able to detect Flame.

Commenting on uncovering Flame, Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, said:

"The risk of cyber warfare has been one of the most serious topics in the field of information security for several years now.

"Stuxnet and Duqu belonged to a single chain of attacks, which raised cyberwar-related concerns worldwide. The Flame malware looks to be another phase in this war, and it’s important to understand that such cyber weapons can easily be used against any country.

"Unlike with conventional warfare, the more developed countries are actually the most vulnerable in this case."

Kaspersky added that the weapon "requires a large team of top-tier security experts and reverse engineers with vast experience in the cyber defence field".

It will report more details about the malware, its use and who might be behind it on its blog in the coming days.

Symantec’s Security Response also said it was analysing the threat.

The security company said: "This code was not written by a single individual but by an organised well funded group of personnel with directives."

Along with the targets in the Middle East it said Russia, Austria, Hong Kong, and the United Arab Emirates had also been hit, it said.

Around the Web

From Our Partners