A Massive Web of Fake Identities and Websites Controlled Flame Malware. Map showing the number and geographical location of Flame infections on Kaspersky customer machines.
Courtesy of Kaspersky Lab The attackers behind the complex Flame cyberespionage toolkit, believed to be a state-sponsored operation, used an extensive list of fake identities to register at least 86 domains, which they used as part of their command-and-control center, according to researchers at Russia-based antivirus firm Kaspersky Lab. Kaspersky says the size of the command-and-control infrastructure, which appears to have been still partially active a few days ago even after the operation was publicly exposed, exceeds anything they’ve seen before. “The huge amount of fake domains and fake identities used to run this infrastructure is pretty much unprecedented and unlike any other malware that we have seen before,” said Roel Schouwenberg, senior antivirus researcher at Kaspersky Lab. Meet Flame, the Nastiest Computer Malware Yet. A nasty and complex malware program known as Flame has been unmasked after four years of cyber-attacks on several countries, according to Russian anti-virus firm Kaspersky Lab.
The firm — which analyzed the malware over the weekend and revealed it to be the largest and most complex attack toolkit to date — believes that it was commissioned by a country or countries' government. "Flame is a covert operation in cyber-space and without a doubt, it's been commissioned by a nation-state or nation-states," senior researcher Roel Schouwenberg at Kaspersky Lab told Mashable. Meet 'Flame', The Massive Spy Malware Infiltrating Iranian Computers. Map showing the number and geographical location of Flame infections detected by Kaspersky Lab on customer machines.
Courtesy of Kaspersky A massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. The malware, discovered by Russia-based antivirus firm Kaspersky Lab, is an espionage toolkit that has been infecting targeted systems in Iran, Lebanon, Syria, Sudan, the Israeli Occupied Territories and other countries in the Middle East and North Africa for at least two years. Dubbed “Flame” by Kaspersky, the malicious code dwarfs Stuxnet in size — the groundbreaking infrastructure-sabotaging malware that is believed to have wreaked havoc on Iran’s nuclear program in 2009 and 2010.
Kaspersky Lab is calling it “one of the most complex threats ever discovered.”