Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Should the home user be worried about the Flame virus?


  • Please log in to reply
2 replies to this topic

#1 Grinler

Grinler

    Lawrence Abrams


  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:10 AM

Posted 31 May 2012 - 05:57 PM

I am sure many of of you have heard about the new computer infection called Flame or Flamer in the papers and on television. There has been a lot of buzz about this virus and how it is the most sophisticated espionage weapon currently in Cyber Warfare and a a harbinger of what is to come. What you have not read, though, and what many people are concerned about is if this infection is something that you, the normal computer user, need to worry about. The simple answer is yes and no. The immediate concern for most people after learning about a new super-infection is whether or not they are infected with it. I am going to go out on a limb here and say, NO, you are not infected with Flame. Although researchers are still analyzing the malware it is fairly certain that this infection was created by a specialized organization, whether that be a nation state, criminal organization, or mercenary developers, and it was targeted at specific computers, organizations, and governments in the Middle East. It does have the ability to spread itself over a local network and through removable media like USB drives, but it was most likely first installed at a particular location via a hacked computer or specially planted thumb drive. What this means for you is that unlike a normal computer worm that tries its best to spread all over the world via the Internet without a care of who is ultimately infected, the Flame virus appears to have been only spread when told to by its creator. So don't be concerned about this malware being present on your computer.  
Countries infected by Flame Countries infected by Flame Picture from SecureList
  Now let's get to the reason why you should be worried about Flame. First, it is a very sophisticated infection that consists of numerous individual modules. It is also very large, weighing in at close to 20 Megabytes. To put this in perspective, malware typically has a file size of about 18 Kilobytes to 300 Kilobytes. That is over 1,000 to 70 times smaller than Flame. When you put its size and modular construction together it becomes difficult to analyze. What has been discovered though, is that this malware is an incredible surveillance tool that has the ability to report back to the developers a tremendous amount of information. This includes the infected machine's address book, installed programs, network activity, files, etc. One of the scarier abilities is that it can turn on an external recording devices connected to the computer and record what is happening in the room. As you can see this program was designed to be a spy tool that allows the attacker to gather information without being present. This is scary and is the true future for computer infections. The days of single virus writers doing it for laughs and their ego are over. Malware is now being created by organizations and developers in order to make big money, for corporate espionage, and government warfare. For these reasons, we need to stay worried and vigilant as we are only going to be up against more sophisticated and intelligent malware in the future. Be smart, be careful, run an anti-virus program, and keep those operating system and program updates installed and your computer will be as secure as can be.


BC AdBot (Login to Remove)

 


#2 Ted Striker

Ted Striker

  • Members
  • 1,363 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Canada
  • Local time:05:10 AM

Posted 01 June 2012 - 07:12 PM

The size of this piece of malware also caught my attention. Is it possible that the initial size of Flame is much smaller and that, once active on a victim's PC, it will download additional files?

#3 Grinler

Grinler

    Lawrence Abrams

  • Topic Starter

  • Admin
  • 43,542 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:USA
  • Local time:06:10 AM

Posted 02 June 2012 - 10:24 AM

From what I have read, installations do indeed download more modules as requested.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users