Following “flame” attack on Iran, Kaspersky issues cyberwar warning

Posted on June 4, 2012


Europe’s largest antivirus company Kaspersky Lab warned against possible cyberwar, following the “flame” virus that attacked computers in Iran and the Middle East, NY Times reported.

Kaspersky Lab recognized “Flame” as a technologically sophisticated virus that only a government could create.

Kaspersky Lab said most infections (189) were found in Iran, and, although other infections (98) were also found in Israel and the Palestinian territories, its sophistication has triggered media speculation that it was created by Israel.

Although no one has yet claimed responsibility for creating Flame, Iran was quick to criticize Israel.

“Cyberweapons are the most dangerous innovation of this century,” Kaspersky’s founder Eugene Kaspersky told a gathering of technology company executives, called the CeBIT conference, last month in Sydney, Australia.

Last month Iran dismissed Kaspersky’s claim for neutralizing the virus, noting that it was discovered by Iran’s Maher Computer Emergency Response Team Coordination Center.

The data-stealing virus dubbed “Flame” has reportedly lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign, according to Reuters.

Kaspersky Lab experts said “Flame” is the most complex piece of malicious software discovered to date.

Eugene Kaspersky said “Flame” is comparable to the infamous “Stuxnet” virus built by programmers to attack Iran’s computers, and slow down the nuclear program of the Islamic Republic.

Some computer security firms say Kaspersky’s researchers have hyped Flame, noting “it is too early to call virus a cyber weapon and suggest it was sponsored by a state”.

Eugene Kaspersky said his company tackled Flame upon the request of the International Telecommunications Unit, a branch of the United Nations. He assigned about three dozen engineers to investigate a virus that was erasing files on computers at Iran’s oil ministry.

Kaspersky researchers, some of whom had analyzed suspected United States and Israeli viruses that destroyed centrifuges in Iran’s nuclear program two years earlier, were already following up on complaints from Iranian clients that Kaspersky’s antivirus software was not catching a new type of malware on their systems, Kaspersky officials said.

“We saw an unusual structure of the code, compressed and encrypted in several ways,” Vitaly Kamlyuk, a researcher on the team that cracked the virus.

It was the first virus to look for Bluetooth-enabled devices in the vicinity, either to spread to those devices, map a user’s social or professional circle, or steal information from them.

The program also contained a command called “microbe” that silently turned on users’ microphones to record their conversations and sent audio files back to the attackers. It was clearly not a virus made by criminals.

“Antivirus companies are in a not easy situation,” Mr. Kaspersky said. “We have to protect our customers everywhere in the world. On the other hand, we understand there are quite serious powers behind these viruses.”


Posted in: iran technology