SALON

Tuesday, May 29, 2012 3:45 PM UTC

New cyberweapon discovered; Iranian computers hit

The virus, which turns computers into listening devices and sucks information from cell phones, is possibly Israeli

By

Topics: From the Wires, ,

LONDON (AP) — A massive data-slurping cyberweapon is circulating in the Middle East, a Russian Internet security firm reported Monday, saying that computers in Iran appear to have been particularly affected.

The virus, dubbed “Flame,” is unprecedented both in terms of its size and complexity, Moscow-based Kaspersky Lab ZAO reported, saying it possesses the ability to turn infected computers into listening devices and even suck information out from nearby cell phones.

“The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date,” the company said in a blog post announcing the discovery.

The announcement sent a ripple of excitement across the computer security sector. Flame is the third major cyberweapon discovered in the past two years, and Kaspersky’s conclusion that it was crafted at the behest of a national government fueled speculation that the virus could be part of an Israeli-backed campaign of electronic sabotage aimed at archrival Iran.

Some evidence suggests that the people behind Flame also helped craft Stuxnet, a notorious virus that disrupted controls of some nuclear centrifuges in Iran in 2010, according to Ilan Froimovici, the technical director at Power Communications, which represents Kaspersky in Israel.

The two codes “use the same vulnerabilities in the operating system and the computer infrastructure in order to infect the computer system. We do believe that the same programmers built the two codes,” he said.

Stuxnet revolutionized the cybersecurity field because it targeted physical infrastructure rather than data, one of the first demonstrations of how savvy hackers can take control of industrial systems to wreak real-world havoc.

Unlike Stuxnet, Flame appears focused on espionage, Kaspersky said. The virus can activate a computer’s audio systems to eavesdrop on Skype calls or office chatter, for example. It can also take screenshots, log keystrokes, and — in one of its more novel functions— suck data from Bluetooth-enabled cell phones.

Iran has not disclosed any data lost to the new virus, but Israel’s vice premier did little to deflect suspicion about possible Israeli involvement in the latest attack.

“Whoever sees the Iranian threat as a significant threat is likely to take various steps, including these, to hobble it,” Israeli Vice Premier Moshe Yaalon told Army Radio when asked about Flame. “Israel is blessed with high technology, and we boast tools that open all sorts of opportunities for us.”

Alan Woodward, a professor of computing at the University of Surrey in southern England, said that Flame was a different order of threat than run-of-the-mill cyberfraud programs.

“Most malware writers like to have tiny bits of code that kind of hide away in the dross that’s on a computer,” Woodward said. “Flame is 20 megabytes large. That’s nearly 60 times the average size of malware samples collected by Internet security company Sophos in 2010, around the same time that Kaspersky believes Flame first started spreading.

Woodward compared the virus to a smartphone. Depending on what kind of espionage you want to carry out, “you just add apps.”

He said Flame’s ability to attack Bluetooth-enabled devices left near a computer attack was “very unusual.”

Bluetooth is a short-range wireless communications protocol generally used for wireless headsets, in-car audio systems or file swapping between mobile phones. Woodward said that Flame can turn an infected computer into a kind of “industrial vacuum cleaner,” copying data from vulnerable cell phones or other devices left near it.

“I don’t believe I’ve seen it before,” he said.

Udi Mokady, CEO of Cyber-Ark, an Israeli developer of information security, said he thought four countries, in no particular order, had the technological know-how to develop so sophisticated an electronic offensive: Israel, the U.S., China and Russia.

“It was 20 times more sophisticated than Stuxnet,” with thousands of lines of code that took a large team, ample funding and months, if not years, to develop, he said. “It’s a live program that communicates back to its master. It asks, where should I go? What should I do now? It’s really almost like a science fiction movie.”

Iran claims Stuxnet and other computer viruses have done no serious harm to Iran’s nuclear or industrial facilities. It sees them as part of a campaign by Israel, the U.S. and their allies to undermine its nuclear program with tactics that include the assassination of Iranian atomic scientists.

Kaspersky said the cyber espionage worm came to its attention after the United Nations’ International Telecommunication Union asked it for help in finding a piece of malware that was deleting sensitive information across the Middle East. The company stumbled across Flame when searching for that other code, it said.

The Geneva-based union didn’t return emails seeking comment.

The discovery of the Flame virus comes just days after talks between Iran and six world powers in Baghdad failed to persuade Tehran to freeze uranium enrichment. A new round of talks is expected to take place in Moscow next month.

Yaalon, the Israeli vice premier, told Army Radio on Tuesday that the talks in Iraq “yielded no significant achievement” except to let Iran buy time. He appeared to take a swipe at President Barack Obama by saying it might “even be in the interest of some players in the West to play for time.”

Yaalon in the past has expressed disappointment that the U.S. has delayed plans to expand sanctions against Iran, suggesting Washington was afraid the penalties would send oil prices soaring and hurt Obama’s re-election chances.

____

Diaa Hadid contributed to this report from Jerusalem.

More Amy Teibel.

Next Article

Related Stories

More Related Stories

Featured Slide Shows

The week in 10 pics

close X
  • Share on Twitter
  • Share on Facebook
  • Thumbnails
  • Fullscreen
  • 1 of 11
  • Lisa Montgomery embraces her nephew Thursday after a tornado tore apart her home in Cleburne, Texas. The twister killed six people and destroyed entire swaths of the North Texas town.
    Credit: AP/LM Otero

  • Jack McMahon, the defense attorney for abortion doctor Kermit Gosnell, speaks outside the Criminal Justice Center in Philadelphia Tuesday. His client was convicted of killing three babies in his clinic, and will serve multiple life sentences.
    Credit: AP/Matt Rourke

  • A photo taken Monday captures Vice President Joe Biden's response to a Milwaukee second-grader's innovative proposal to end America's epidemic of gun violence. This guy!
    Credit: AP/Jenny Aicher

  • Sen. Rand Paul, R-Ky., flanked by a grouper-eyed Michele Bachmann, addresses the IRS' admission that it targeted Tea Party groups in advance of the 2012 election. In an op-ed for CNN Thursday, the Kentucky senator slammed the president for his faux outrage.
    Credit: AP/Molly Riley

  • Ousted IRS chief Steven Miller is sworn in on Capitol Hill Friday. Miller testified before the House Ways and Means Committee on the extra scrutiny the agency gave conservative groups applying for tax-exempt status.
    Credit: AP/J. Scott Applewhite

  • Attorney General Eric Holder pauses as he testifies on Capitol Hill before the House Judiciary Committee Wednesday. Holder is under fire, among other things, for the Justice Department's gathering of phone records at the Associated Press.
    Credit: AP/Carolyn Kaster

  • O.J. Simpson sits during an evidentiary hearing at Clark County District Court in Las Vegas, Nev., Thursday. Simpson, who is currently serving a nine-to-33-year sentence in state prison for armed robbery and kidnapping, is using a writ of habeas corpus to seek a new trial.
    Credit: AP/Las Vegas Review-Journal/Jeff Scheid

  • Major Tom to ground control: On Sunday astronaut Chris Hadfield recorded the first music video from space, a cover of David Bowie's "Space Oddity."
    Credit: AP/NASA/Chris Hadfield

  • When it rains it pours. President Barack Obama speaks during a news conference Thursday with Turkish Prime Minister Recep Tayyip Erdogan, inexplicably inspiring an #umbrellagate Twitter meme.
    Credit: AP/Jacquelyn Martin

  • A smoke plume rises high above a road block at the intersection of County A and Ross Road east of Solon Springs, Wis., Tuesday. No injuries were reported, but the the wildfire caused evacuations across northwestern Wisconsin.
    Credit: AP/The Duluth News-Tribune/Clint Austin

  • Recent Slide Shows

  • Share on Twitter
  • Share on Facebook
  • Thumbnails
  • Fullscreen
  • 1 of 11

Related Videos

Comments

 0 Comments

Comment Preview

Your name will appear as username

You may use these HTML tags and attributes: <a href=""> <b> <em> <strong> <i> <blockquote>

follow salon

Most Read

Popular on Reddit

links from salon.com

From Around the Web

Presented by Scribol
listener_new_rect The Listener: Chekhov's story mirrors Russia's own

Recommendations