Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Flame malware: India safe but needs to be cautious

Debarati Roy | May 31, 2012
Kaspersky Lab's discovery of a highly sophisticated malicious program FLAME has taken the industry by storm. The complexity and functionality of FLAME exceeds those of all other cyber menaces known to date.

Kaspersky Lab's discovery of a highly sophisticated malicious program FLAME has taken the industry by storm. The complexity and functionality of FLAME exceeds those of all other cyber menaces known to date.

The malware gets its name from one of the main module (which was responsible for attacking and infecting additional machines) in the attack toolkit called Flame.

According to Kaspersky Lab, Flame can steal valuable information, including computer display contents, information about targeted systems, stored files, contact data and even audio conversations. Kaspersky lab puts the date of creation of FLAME no later than 2010, probably the month of March.

Kaspersky Lab's initial findings hint at Middle East being the primary geographical target territory and the risk of the malware spreading in the wild is relatively low at present.

"There are two known methods of replication: external media (USB disks) and via local area network, and they are limited using infection counters. It is unlikely that a significant number of its copies will cross country borders," says Aleks Gostev, Chief Security Expert, Global Research and Expert Analysts Team (GrEAT), Kaspersky Lab.

While India is relatively safer at the moment, one must keep in mind that it is just the initial phase of discovery and there is lot that is yet unknown about the malware.

"We have detected only one instance of Flame in India so far. Every infected sample can replicate to a limited (and very small) number of neighbor's machines, so we do not expect that this number will increase," Gostev explians.

However experts warn organizations of the extremely complex nature of the malware and the difficulty in detecting it.

"While it is difficult to completely prevent all such attacks, common security measures could have prevented or limited its replication. It is important to implement proper security policies regarding usage of USB sticks, network level security and to keep Windows and AV software fully updated and patched," Gostev suggests.

The malware was discovered by Kaspersky Lab's experts during an investigation prompted by the International Telecommunication Union (ITU) post a series of incidents with another, still unknown, destructive malware program -- codenamed Wiper -- which deleted data on a number of computers in the Western Asia region.

 

Sign up for MIS Asia eNewsletters.