Flame spy virus gets order to vanish: experts

Jun 10, 2012 by Glenn Chapman
This undated screen grab taken released by the Kaspersky Lab site shows a program of the computer virus known as Flame. US computer security researchers said Sunday that the Flame computer virus that smoldered undetected for years in Middle Eastern energy facilities has gotten orders to vanish, leaving no trace.

US computer security researchers said Sunday that the Flame computer virus that smoldered undetected for years in Middle Eastern energy facilities has gotten orders to vanish, leaving no trace.

Anti-virus company said in a blog post that late last week, some "command-and-control servers sent an updated command to several compromised computers."

"This command was designed to completely remove (Flame) from the compromised computers."

Flame (malware) appears to have been "in the wild" for two years or longer and prime targets so far have been energy facilities in the Middle East, especially in Iran.

The discovery of Flame immediately sparked speculation that it had been created by US and Israeli security services to steal information about Iran's controversial nuclear drive.

Kaspersky Lab, one of the world's biggest producers of anti-virus software, said the Flame virus was "about 20 times larger than Stuxnet," the worm which was discovered in June 2010 and used against the Iranian .

High concentrations of computers compromised by Flame were also found in Lebanon, the West Bank and Hungary. Additional infections have been reported in Austria, Russia, Hong Kong and the .

Compromised computers included many being used from home connections, according to who were looking into whether reports of infections in some places resulted from workers using laptops while traveling.

While the components and tactics of Flame were considered old-school, the gigantic virus's interchangeable software modules and targeted nature were evidence that malware is a potent weapon in the Internet era.

Computers infected with malware are typically programmed to reach out on the Internet to get updated orders from command servers controlled by hackers.

In this case, it appeared that Flame masters gave an order for the malware to vanish, leaving behind no trail that investigators might be able to follow or clues to its origin.

The self-destruct command was evidently sent after Flame was exposed and investigations commenced.

Infected computers that got the command went on to delete an array of files and then cram disks with random characters to thwart recovery of original code, according to security researchers.

It was unknown how many infected computers received the self-destruct command.

Flame was designed to suck information from computer networks and relay what it learned back to those controlling the virus. It can record keystrokes, capture screen images, and eavesdrop using microphones built into computers.

In an intriguing twist, the can also use Bluetooth capabilities in machines to connect with smartphones or tablets, mining contact lists or other information, according to security researchers.

Explore further: Brazil enacts Internet 'Bill of Rights'

add to favorites email to friend print save as pdf

Related Stories

Flame virus a new age cyber spy tool

May 31, 2012

The Flame computer virus that smoldered undetected for years in Middle Eastern energy facilities confirmed fears that the world has entered a new age of cyber espionage and sabotage.

Malware hunter Kaspersky warns of cyber war dangers

Jun 06, 2012

The Russian malware hunter whose firm discovered the Flame virus said Wednesday there could be plenty more malicious code out there, and warned he feared a disastrous cyber attack could be coming.

Global wave of Flame cyber attacks called staggering

May 28, 2012

(Phys.org) -- Kaspersky Lab has discovered complex malware that has been in operation for at least five years, collecting data from countries including both Israel and Iran. Kaspersky experts think the masterminds ...

Apple out to kill widespread Macintosh virus

Apr 11, 2012

Apple said it is crafting a weapon to vanquish a Flashback virus from Macintosh computers and working to disrupt the command network being used by hackers behind the infections. ...

Koobface computer virus gang unmasked

Jan 17, 2012

Online security researchers claimed Tuesday to have identified the members of a Russian gang of cyber criminals behind the Koobface computer virus which has attacked Facebook and other sites.

Recommended for you

Brazil enacts Internet 'Bill of Rights'

7 hours ago

Brazil's president signed into law on Wednesday a "Bill of Rights" for the digital age that aims to protect online privacy and promote the Internet as a public utility by barring telecommunications companies ...

Brazil passes trailblazing Internet privacy law

Apr 23, 2014

Brazil's Congress on Tuesday passed comprehensive legislation on Internet privacy in what some have likened to a web-user's bill of rights, after stunning revelations its own president was targeted by US ...

User comments : 3

Adjust slider to filter visible comments by rank

Display comments: newest first

Cave_Man
2.5 / 5 (11) Jun 10, 2012
It's called skynet, get in the know. It's not people it's machines, which will soon infect as many people as possibly with nanobots instructed to construct "computers" in-viva using organic materials. Have you bought a cellphone recently? You have been infected with a nano-bot(s).

The future is not ours, it's theirs and they are intent on keeping it that way. Pretty soon they will use robot insects to infect you. Good luck people.

Hehehe j/k....or am I?

Live like you are alive.
Burnerjack
1.4 / 5 (10) Jun 10, 2012
Flame is a myth created by the Iranians to both explain away their own ineptitude, thereby possibly sparing the lives of their nuclear scientists and generating maximum ill will in the Arab world towards Americans and of course, the Jooooz.
rwinners
not rated yet Jun 11, 2012
Flame and Stuxnet are weapons of war. Odd, isn't it? At least there are no bombs falling on cities or gases spreading....

could be worse!

More news stories

New breast cancer imaging method promising

The new PAMmography method for imaging breast cancer developed by the University of Twente's MIRA research institute and the Medisch Spectrum Twente hospital appears to be a promising new method that could ...

Research proves nanobubbles are superstable

The intense research interest in surface nanobubbles arises from their potential applications in microfluidics and the scientific challenge for controlling their fundamental physical properties. One of the ...

Using antineutrinos to monitor nuclear reactors

When monitoring nuclear reactors, the International Atomic Energy Agency has to rely on input given by the operators. In the future, antineutrino detectors may provide an additional option for monitoring. ...