Wednesday, May 30, 2012

"Flame" infected thousands of computers across the Middle East as a spy agent and stole their data


A newly discovered data-stealing virus dubbed Flame has lurked inside thousands of computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.
Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screenshots and log instant messaging chats.
Flame is "the most complex piece of malicious software discovered to date", according to Kaspersky Lab senior security researcher Roel Schouwenberg, whose company discovered the virus. The discovery by one of the world’s largest makers of anti-virus software will spark speculation about whether other nations are also employing such tactics through secret cyber weapons.
“If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don’t know about,” Schouwenberg said in an interview.
Kaspersky Lab discovered Flame while investigating reports that a virus named Wiper was attacking computers in Iran. The researchers failed to turn up anything that resembled Wiper, and they did not know who built Flame.
The Moscow-based company, which gained notoriety in cyber weapons research after solving several mysteries surrounding Stuxnet and Duqu, is controlled by Russian malware researcher Eugene Kaspersky.
If the Lab’s analysis is correct, Flame could be the third major cyber weapon uncovered, after the Stuxnet virus that attacked Iran’s nuclear program in 2010 and its data-stealing cousin Duqu, named after the Star Wars villain.
Researchers at Kaspersky are still working out the full significance of Flame; they were only starting to understand how it works because it is so complex.
The Lab’s research found most of the infected machines are in Iran, followed by the Israel/Palestine region, then Sudan and Syria. More than 5,000 personal computers around the world have been infected, including a handful in North America.
“The geography of the targets and also the complexity of the threat leaves no doubt about it being a nation-state that sponsored the research that went into it,” the BBC quoted Kaspersky’s chief malware expert Vitaly Kamluk.
Complexity of Flame
The virus contains about 20 times more code than Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail, and about 100 times more code than a typical virus designed to steal financial information, Schouwenberg said, and there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu, which were built on a common platform.
Both Flame and Stuxnet appear to infect machines by spreading in a similar way and exploiting the same flaw in the Windows operating system.
The ITU (International Telecommunication Union), a UN agency that promotes research and cooperation on telecommunications technology, asked Kaspersky Lab to investigate further.

