by David Gracey
Researchers at Moscow-based security company Kaspersky just this week uncovered a computer virus that has infected thousands of computers around the world. The virus, called “Flame”, has been quietly spreading to vulnerable computers for about 2 years. It has been dormant all this time which has allowed it to spread undetected. Recently it activated itself which began to raise the alarms at companies that monitor such activity.
What it does: What is unusual about this virus (computer security nerds actually refer to it as a “toolkit”) is that it activates all of the input accessories on your computer and captures all input. Email is captured, chat sessions are copied and all keyboard input is collected and then copied up to servers on the internet. The virus also has a nasty ability to turn on and capture all information from your computer microphone, webcam and Bluetooth devices such as audio headsets. It also quickly begins to gather screen shots upon infection. The virus is clearly designed to gather personal communications of all sorts on targeted computers. It’s essentially a mass spying app.
Who is behind it? This has been described as the most complex virus program, even more sophisticated than the Stuxnet virus that targeted the Iranian nuclear program a few years ago (see my blog post from June 2011 or visit Stuxnet Featured on 60 Minutes). Due to its complexity, computer experts agree that the virus is state-sponsored and doesn’t come from the usual hacker community but rather state-run counter intelligence operations such as the CIA or Israel’s Mossad. Also, the virus has primarily targeted the Middle East, particularly Iran, as it spreads from one computer to another.
Could my computer be infected? Probably not. Unless you live or work in the Middle East, particularly in Iran, the likelihood of your computer being infected is very remote. There are very few incidents of the virus reported outside the Middle East and North Africa. Although the virus was able to get past 43 different anti-virus software programs, the “white hats” now have the signature of Flame and will begin deploying signature files that contain protection against it.
What should I do? Experts believe the virus spreads through a known vulnerability in the Microsoft Windows operating system. The best way to protect against this and all other viruses is to keep Windows updated, install and maintain a good anti-virus program (Norton, McAfee, Trend Micro) and make sure you have a robust hardware firewall in place.