Dark Reading: 'Flame' Fans Notion Of More Weapons Yet To Be Found

/Home/Internet Security: Articles/Internet Security: Dark Reading/Dark Reading: Attacks & Breaches

Targeted attack looks a lot like conventional spyware, but with some major twists -- and questions about links to Stuxnet, Duqu

May 29, 2012
By Kelly Jackson Higgins

It's big -- 20 times the size of Stuxnet -- and it's stealthy -- operating undetected for years -- but the newly discovered Flame cyberespionage malware at its core is really just next-generation spyware.

This latest cyberweapon, which has the earmarks of a well-funded nation-state, further confirms suspicions that there are still other such attacks out there stealing information in the shadows that we can't see, security experts say. Flame doesn't use the same codebase as Stuxnet or Duqu, but there are some haunting parallels, including Iran as a prime target, a modular design akin to Duqu's, and that Flame uses the same exploits Stuxnet did. But Flame appears so far to be good old-fashioned espionage: It steals documents, takes screenshots of the victim's machine, records Skype calls, and snoops on email and instant messaging sessions.

Click the URL above to read the full article