Internet security company Kaspersky Lab announced on Monday that it had uncovered a ‘cyber-espionage worm’ designed to collect and delete sensitive information, primarily in Middle Eastern countries.
Kaspersky called the malware, named “Flame,” the “most sophisticated cyber-weapon yet unleashed.” It said the bug had infected computers in Iran, the West Bank, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
Internet security firm Kaspersky calls ‘Flame’ bug the ‘most sophisticated cyber-weapon yet unleashed,’ hints it may have been created by makers of Stuxnet worm.
The company also said that Flame contained a specific element that was used in the Stuxnet worm and which had not been seen in any other malware since.
On its blog, Kaspersky called Flame a “sophisticated attack toolkit,” adding that it was much more complex than Duqu, the vehicle used to deliver Stuxnet.
Kaspersky’s chief malware expert Vitaly Kamluk told the BBC that more than 600 specific targets had been hit by Flame, including computers owned by individuals, businesses, academic institutions and government systems.
Kamluk said he believed the malware had been operating at least since August 2010, and probably earlier, adding that there was “no doubt” that it was developed by a state actor.
Symantec, another Internet security firm, said on its blog that the bug’s code was on par with that of Stuxnet and Duqu, which it described as “arguably the two most complex pieces of malware we have analyzed to date.”
According to the firm, the worm had been operating discreetly for at least two years and was likely written by “an organized, well-funded group of people working to a clear set of directives.”
Symantec said the virus had also been found in computers in Hungary, Austria, Russia, Hong Kong and the United Arab Emirates.