Flame, a highly sophisticated virus that was first discovered in Iranian oil refineries, is supposedly the result of a joint U.S. and Israeli effort to slow down Iran's nuclear program, reports The Washington Post. The information comes from multiple Western officials who purportedly have knowledge of the project but, of course, want to remain anonymous.
This shouldn't come as a surprise, considering the U.S. was revealed to be using the volatile Stuxnet virus when The New York Times reported on Operation: Olympic Games, a project that used Stuxnet and Duqu, both sophisticated viruses. These viruses targeted Iranian SCADA systems, which allowed their creators to gather intelligence and even control aspects of Iran's nuclear and oil refining facilities.
Stuxnet code has been found within the Flame virus, according to security researchers, which is an unofficial confirmation that the creators of the Stuxnet virus (the U.S. government) are also behind this new nasty virus. Once this was discovered, in Get Smart fashion, the virus began to self-destruct, hastily removing itself from infected computers... not suss, huh?
Flame is quite capable. Measuring in at 20MB, it carried a payload that could be transmitted by spoofing Windows updates, allowing it to infect even non-compromised systems on the same network. Where it gets dirty is the fact that the creators of Flame used what is believed to be a previously unknown MD5 collision attack to forge Microsoft's digital signature on a fraudulent certificate. This in itself is an achievement, which security researchers described as the 'holy grail of malware writers'.
Flame goes a step further: it is capable of utilizing microphones and web cameras, logging keystrokes, collecting screenshots, and propagating via removable media like USB flash drives, and more, allowing it to be introduced into sensitive networks that are isolated from the public. Flame is even capable of using Bluetooth to send commands to other computers, giving it many options for infecting, monitoring and controlling nearby workstations.
I always thought that would be an act of war? If the U.S. were behind such an attack (be it cyber, or not) then if the shoe was on the other foot and Iran were cyber-attacking U.S.-based nuclear facilities, I'm pretty sure that would be an entirely different story, with an entirely different outcome.