What is Flame Malware?
Flame is malware also known as Flamer, sKyWIper, and Skywiper. It is massive, complex and sophisticated malware designed for information collection and espionage. The Flame malware was first discovered in 2012 and announced on 28 May 2012 by the MAHER Center of the Iranian National Computer Emergency Response Team (CERT), and was found by Kaspersky Lab. Initial reports termed this malware an “attack toolkit” or “platform” because it includes capabilities similar to a Trojan, a worm, and a botnet-controlled backdoor.
What makes this malware most complex is that the identity of the attackers remains unknown. The motive of this malware is only to grab information from big organizations, institutions, or nation states in the Middle East. There is also speculation that this type of espionage is most likely perpetrated by a rival nation state, though no strong confirmation currently exists for this.
Using information available on the Internet, we have put this article together so that users can learn more about this malware and how dangerous it is.
What is Flame?
Flame is sophisticated malware that attempts to steal sensitive information from a wide range of organizations, institutions, and so on. This attack toolkit leaves a backdoor or Trojan on computers and can propagate itself through a local network as a computer worm does. Flame malware exploits Windows vulnerabilities and attacks computers running the Microsoft Windows operating system. However, according to the Kaspersky Lab report, this is not yet confirmed.
Flame can sniff network traffic, take screenshots, record audio conversations, log keystrokes, collect information about discoverable Bluetooth devices nearby, and turn the infected computer into a discoverable Bluetooth device.
Flame malware has many levels of encryption and over 20 different modules and plug-ins that can be swapped in and out for additional functionality. Flame is also unique in that a portion of its code was written in Lua, a programming language that is mostly used for game development rather than malware. Some security experts also believe that Flame is well coordinated and was probably created and spread with “nation-state support” rather than by typical cyber criminals, although this is not yet confirmed and no country has taken responsibility for this malware.
Flame malware has different versions that spread and communicate with more than 80 different command-and-control servers. Various blog posts and written theories are available that provide further knowledge and analysis, such as the Kaspersky technical analysis report and McAfee’s technical blog post. In their analyses and blog posts, most experts refer to the Flame threat as “sKyWIper.”
What was Flame Malware Attack?
The Flame malware attack was first discovered in 2012 by Kaspersky. Also described as a family of malware, the attack had initially infected approximately 1,000 machines at one time, with victims including government, organizations, private individuals, and educational institutions.
When the Flame malware attacked, it was very difficult to find its entry point, the main gate through which it had entered the computer system. It mainly attacked computers running the Microsoft Windows operating system. Even after analysis by the experts, Flame was considered the most complex and sophisticated malware to date.
According to the estimate, 65% of Flame attacks occurred in Iran, Israel, Palestine, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt, with a "huge majority of targets" within Iran.
In addition, Flame has also been reported in Europe and North America. Flame featured a “KILL” command, which erases all traces of the malware from the infected computer. Once Flame had entered a user’s computer and accomplished its target, the “kill” command was sent.
How does it spread?
It is still unclear what the initial mode of entry for Flame malware is. It is said, however, that Flame spreads within a network via USB, network shares, and the local network (LAN), but only when instructed to do so by the attacker. As mentioned above, the program also records communications, including Skype conversations, and can turn infected computers into Bluetooth beacons that attempt to download contact information from nearby Bluetooth-enabled devices. This information, together with documents saved locally, is transferred to one of several command and control servers located across the world. After that, the application waits for further instructions from these servers.
Who is behind the Flame Malware?
It is not yet clear who created and conducted the Flame malware, but in the words of Schouwenbe, the researcher believes that it was the action of a nation-state or someone hired by a nation-state because of the advanced nature of the threat. It has also been suggested that it came from the British side, only because its code is in the English language.
On the other hand, the liberal Jewish blog Tikun Olam, citing an unidentified source, reports that Israeli cyber warfare professionals designed Flame to penetrate computers in Iran, Israel, Palestine, and elsewhere that are engaged in activities that concern Israel's secret police, including military intelligence.
How to Tackle Flame Malware?
As experts say, most of the major antivirus software now detects Flame, so updating your security software will protect you. Waredot offers the Ultimate protection software that comes with 2 software in one package. Waredot Ultimate protection helps you to protect your online browsing and remove viruses or malware from the system. This combo pack of three software will give you the best protection and work calmly on your system.
Waredot Ultimate protection comes with advanced features such as Firewall protection, Read Guard, Email Filters, Anti-Phishing & Spamming, PC Optimizer, Startup Manager, and so on. In case you don’t want to continue with the Ultimate in the future, you can easily switch back to the individual plan as well. Check out Waredot’s plans & pricing for better online protection.
Hey guys! This was the guide about “what is Flame malware.” We have discussed the latest information available online, and we will update it as new information about Flame malware becomes available. We recommend you stay up to date on malware information so that you can protect your company and data.
Hope you find this article helpful and informative. If you’ve any queries regarding this article please let us know in the comment section. We would be glad to answer you!