Powerful Cyber Weapon Found

[Wildfire]

By Jim Finkle | Reuters | 23:50 GMT +8

Powerful "Flame" cyber weapon found in Middle East

<a href="http://s1267.photobucket.com/albums/jj559/365Wildfire/?action=view&amp;current=image2.jpg" target="_blank"><img src="http://i1267.photobucket.com/albums/jj559/365Wildfire/image2.jpg" border="0" alt="Photobucket"></a>

Security experts have discovered a new data-stealing virus dubbed "Flame" they say has lurked inside thousands of
computers across the Middle East for as long as five years as part of a sophisticated cyber warfare campaign.

It is the most complex piece of malicious software discovered to date, said Kaspersky Lab security senior researcher
Roel Schouwenberg, whose company discovered the virus. The results of the Lab's work were made available on Monday.

Schouwenberg said he did not know who built Flame.

If the Lab's analysis is correct, Flame could be the third major cyber weapon uncovered after the Stuxnet virus that
attacked Iran's nuclear program in 2010, and its data-stealing cousin Duqu, named after the Star Wars villain.

The discovery by one of the world's largest makers of anti-virus software will likely fuel speculation that nations have
already secretly deployed other cyber weapons.

Researchers at Kaspersky said they were only starting to understand how Flame works because it is so complex. The
full significance will not be known until other cyber security firms obtain samples of Flame.

The Lab's research shows the largest number of infected machines are in Iran, followed by the Israel/Palestine region,
then Sudan and Syria.

<a href="http://s1267.photobucket.com/albums/jj559/365Wildfire/?action=view&amp;current=images-1.jpg" target="_blank"><img src="http://i1267.photobucket.com/albums/jj559/365Wildfire/images-1.jpg" border="0" alt="Photobucket"></a>

Complex Virus

The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility,
causing centrifuges to fail. It has about 100 times as much code as a typical virus designed to steal financial information,
Schouwenberg said.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations,
take screen shots and log instant messaging chats.

He said there was evidence to suggest the code was commissioned by the same nation or nations that were behind
Stuxnet and Duqu, which were built on a common platform.

<a href="http://s1267.photobucket.com/albums/jj559/365Wildfire/?action=view&amp;current=2012-05-28t145338z_1_cbre84r15dh00_rtroptp_3_iran-internetgrid-6x2.jpg" target="_blank"><img src="http://i1267.photobucket.com/albums/jj559/365Wildfire/2012-05-28t145338z_1_cbre84r15dh00_rtroptp_3_iran-internetgrid-6x2.jpg" border="0" alt="Photobucket"></a>

Both Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and
employ a similar way of spreading.

That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that
built Flame, he said.

Schouwenberg said he believed the attack was highly targeted, aimed mainly at businesses and academic institutions.

He estimated that no more than 5,000 personal computers around the world have been infected, including a handful
in North America.

Kaspersky Lab discovered Flame while investigating reports that a virus dubbed Wiper was attacking computers in Iran.

 

[singveld]

leave it for the nazi to help the terrorist build an atomic bomb
---------------------------------------------------------------------------------------


Stuxnet thwarted by control code update


Iranian nuclear plant workers Iran's nuclear enrichment efforts have been targeted by sophisticated cyber attacks


German engineering giant Siemens has issued a fix for the software loopholes used by the notorious Stuxnet worm.

Stuxnet was discovered in 2010 after investigations into malfunctions at many industrial plants and factories.

Iran's nuclear enrichment efforts were hit hard by Stuxnet which targeted the devices that control delicate industrial processes.

The fix comes as reports circulate of a fresh cyber attack on Iranian nuclear enrichment project.


Stuxnet exploited loopholes in the software Siemens wrote to oversee the running of its programmable logic controllers - devices used in many industrial facilities to automate a production process.

When a controller was infected with Stuxnet it made the motors it was typically connected to run out of control and burn out. This is believed to have been behind Iran's need to replace many of the centrifuges it was using in its Natanz uranium enrichment plant.

Siemens has issued advisories saying it has updated the Simatic code in the controllers to remove the loopholes.

It is not yet clear who created Stuxnet, but security researchers say it is so complex and tightly targeted that only a nation would be able to marshal the resources to put it together.

Stuxnet is just one of several similar malicious programs created to attack industrial control systems.

Experts speculate that many were made to slow down and disrupt Iran's nuclear production processes.

Iran has regularly denied that the viruses have hit its nuclear programme.

The Siemens update comes as security firm F-Secure received an email believed to have been sent by a scientist working at Iran's Atomic Energy Organization.

In the message, the scientist said its plants at Natanz and Qom have been hit again by a worm.

Top F Secure security researcher Mikko Hypponen said it had not been able to confirm any of the details in the message. However, digital detective work did reveal that the message had come from within the Atomic Energy agency.

On 23 July, Iran issued a statement saying it had successfully "confronted" sophisticated malware and thwarted all the cyber attacks against the nation's infrastructure.

Reza Taqipur, Iran's minister of communication and information technology, said it was sometimes hit by as many as two million cyber attacks a day, but its ability to deal with them was growing daily.

 

[neddy]

Old news.
The creators of the internet are involved in cyber weapons. No surprise there.

With globalised networking, and socialising through internet, we are making ourselves vulnerable to these cowboys.

In future, a few US organisations will be controlling our lives.

Those iPad/iPhone users will be controlled by Apple via iTune.

Andriod users by Google through Market Play.

Nokia/Microsoft users by Microsoft

Kindle users by Amazon

You can only buy contents from these organisations and you store data in their cloud storage. Your habits, secrets, friends and weaknesses will be keep for future use against you or data mined for current use.

Using mined information, these organisations will know how to divert your decision making in their favour and milk you like cash cows.