Posts tagged stuxnet
Security experts have discovered a new data-stealing virus dubbed “Flame” they say has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.
It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher Roel Schouwenberg, whose company discovered the virus. The results of the Lab’s work were made available on Monday.
Schouwenberg said he did not know who built Flame.
If the Lab’s analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus that attacked Iran’s nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.
The discovery by one of the world’s largest makers of anti-virus software will likely fuel speculation that nations have already secretly deployed other cyber weapons.
“If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don’t know about,” Schouwenberg said in an interview.
The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky, and gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu.
Researchers at Kaspersky said they were only starting to understand how Flame works because it is so complex. The full significance will not be known until other cyber security firms obtain samples of Flame.
The Lab’s research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria.
The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information, Schouwenberg said.
Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.
He said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, which were built on a common platform.
Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and employ a similar way of spreading.
That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, he said. Schouwenberg said he believed the attack was highly targeted, aimed mainly at businesses and academic institutions. He estimated that no more than 5,000 personal computers around the world have been infected, including a handful in North America.
Kaspersky Lab discovered Flame while investigating reports that a virus dubbed Wiper was attacking computers in Iran.
The International Telecommunications Union, a U.N. agency that promotes research and cooperation on telecommunications technology, asked Kaspersky Lab to investigate those reports.
Schouwenberg said that his team discovered Flame, but failed to turn up anything that resembled Wiper.
source – MSNBC
In the book of Esther, we read of the Jew-hating Haman who desired nothing less than the destruction of the entire race of Jews. But Mordecai beats him at each and every turn, because the God of Israel was supporting him. One night, Haman is complaining to his wife and friends about how much he hates the Jews and how frustrated he is that Mordecai keeps winning. This is what they said to him: “If Mordecai [be] of the seed of the Jews, before whom thou hast begun to fall, thou shalt not prevail against him, but shalt surely fall before him.” Esther 6:13. And so it goes when anyone comes up against God’s people, but the bad guys just never seem to learn that lesson. And this lesson brings us right up to the present with this story:
Israel developed the computer virus that took Iran’s nuclear facility offline
The Dimona complex in the Negev desert is famous as the heavily guarded heart of Israel’s never-acknowledged nuclear arms program, where neat rows of factories make atomic fuel for the arsenal. Over the past two years, according to intelligence and military experts familiar with its operations, Dimona has taken on a new, equally secret role — as a critical testing ground in a joint American and Israeli effort to undermine Iran’s efforts to make a bomb of its own.
Behind Dimona’s barbed wire, the experts say, Israel has spun nuclear centrifuges virtually identical to Iran’s at Natanz, where Iranian scientists are struggling to enrich uranium. They say Dimona tested the effectiveness of the Stuxnet computer worm, a destructive program that appears to have wiped out roughly a fifth of Iran’s nuclear centrifuges and helped delay, though not destroy, Tehran’s ability to make its first nuclear arms. “To check out the worm, you have to know the machines,” said an American expert on nuclear intelligence. “The reason the worm has been effective is that the Israelis tried it out.”
Though American and Israeli officials refuse to talk publicly about what goes on at Dimona, the operations there, as well as related efforts in the United States, are among the newest and strongest clues suggesting that the virus was designed as an American-Israeli project to sabotage the Iranian program.
source – NY Times