Bay 12 Games Forum

Please login or register.

Login with username, password and session length
Advanced search  
Pages: 1 2 [3] 4 5

Author Topic: Flame Virus targets Iran, other Middle Eastern nations  (Read 14592 times)

MetalSlimeHunt

  • Bay Watcher
  • Gerrymander Commander
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #30 on: May 30, 2012, 08:18:35 pm »

Hm..A) The virus has been seen in action in Israel, so they probably didn't put it in action.
Could be intentional as a cover, though.
Quote
B) Kaspersky declined to say who did it, so whoever did put it in action is probably affiliated with someone in the Russian neighborhood.
Called it.

Logged
Quote from: Thomas Paine
To argue with a man who has renounced the use and authority of reason, and whose philosophy consists in holding humanity in contempt, is like administering medicine to the dead, or endeavoring to convert an atheist by scripture.
Quote
No Gods, No Masters.

Scelly9

  • Bay Watcher
  • That crazy long-haired queer liberal communist
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #31 on: May 30, 2012, 08:21:03 pm »

I want to see the code for this. Could be quite interesting.
Logged
You taste the jug! It is ceramic.
Quote from: Loud Whispers
SUPPORT THE COMMUNIST GAY MOVEMENT!

RedWarrior0

  • Bay Watcher
  • she/her
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #32 on: May 30, 2012, 08:44:01 pm »

For one, it isn't targeted; it has been found in several countries. Two, it isn't sneaky; it's massive for a virus, the code is unobfuscated, and so forth, as described in the article I linked.
My guess would be its origin was as a fun project for a kiddy hacker*. The suspected means of distribution, phishing emails or infected websites, fully explains its geographical distribution: all of the known computers infected with the virus are in countries in which Arabic is a commonly spoken language.

*In this case, kiddy hacker doesn't necessarily mean young, but merely someone unaffiliated with official government cyberwarfare units and whose motivation is just for kicks.
And yet, Kapersky said that they think only four nations even had or have the capability to develop this. The pdf analysis of it from the Budapest University of Technology and Economics says (What they call "sKyWIper" is the same as the Flame virus):
Quote
The results of our technical analysis support the hypotheses that sKyWIper was developed
by a government agency of a nation state with significant budget and effort, and it may be
related to cyber warfare activities.
sKyWIper is certainly the most sophisticated malware we encountered during our practice;
arguably, it is the most complex malware ever found.
And yet, it isn't obfuscated. It has characteristics that point heavily to government involvement, and it has characteristics that would make no sense as a government project.
From an AP article:
Quote
“The benefit they get out of this size of file is that it looks normal,” says Mikko Hyppönen, chief research officer with security specialists F-Secure. “Flame looks like your average application, not the encrypted, hidden malware we’re used to seeing. It’s big, it has libraries and it’s hiding in plain sight. It might seem odd, but it worked, it went undetected for years. You can’t argue with that.”

I'll post more, but I'm inclined to believe Kaspersky.
---
Edit: And here's that "more":
"Iran: 'Flame' virus fight began with oil attack"

Quote
The Russian Internet security firm Kaspersky Lab ZAO said the Flame virus has struck Iran the hardest, but has been detected in the Palestinian territories, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.

It also has been found in Israel — leading some Israeli security officials to suggest the virus could be traced to the U.S. or other Western nations.

"Flame: Trying to Unravel the Mystery of 'Sophisticated' Spying Malware"
Quote from: DAVE SHACKLEFORD, chief technology officer, Institute for Applied Network Security
It's able to look for specific data types. It's able to look for new systems that are vulnerable within organizations' networks. It's able to exfiltrate that data in a number of different ways. And, again, it's fairly large, so that's a little bit unusual. It's pretty big for one of these very sophisticated pieces of malware these days.

But, again, it looks to have a lot of capabilities.
"Iran admits Flame caused substantial damage"
Quote
The virus also damaged centrifuges operating at its uranium enrichment facility at Nantaz as reports said that even computers of highranking officials had been penetrated.
"Flame a glimpse into the Bermuda triangle of malware"
Quote
“The fact is that penetration testers have been using tools that heavily leverage the Lua programming language for the last couple of years,” says Carey.

Examples include network scanner, Nmap, the Wireshark packet analyser, and the Snort intrusion detection system.

I encourage you to find other articles as well; most of these were published in the past couple hours. It's not like there's a dearth of opinions on it, but they all tend to make me think it was a country, or at the behest of a country.
« Last Edit: May 30, 2012, 09:07:59 pm by RedWarrior0 »
Logged

lordcooper

  • Bay Watcher
  • I'm a number!
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #33 on: May 31, 2012, 02:18:06 am »

This doesn't faze me, McAfee ftw!
Logged
Santorum leaves a bad taste in my mouth

Scelly9

  • Bay Watcher
  • That crazy long-haired queer liberal communist
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #34 on: May 31, 2012, 02:21:48 am »

This doesn't faze me, McAfee ftw!
AHAAHAHAHAHAHAHAHAHAAHAHAH

No.
Logged
You taste the jug! It is ceramic.
Quote from: Loud Whispers
SUPPORT THE COMMUNIST GAY MOVEMENT!

kaijyuu

  • Bay Watcher
  • Hrm...
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #35 on: May 31, 2012, 02:56:07 am »

This doesn't faze me, McAfee ftw!
*gasp*

No! All plots foiled forever! Curse you, McAfee!
Logged
Quote from: Chesterton
For, in order that men should resist injustice, something more is necessary than that they should think injustice unpleasant. They must think injustice absurd; above all, they must think it startling. They must retain the violence of a virgin astonishment. When the pessimist looks at any infamy, it is to him, after all, only a repetition of the infamy of existence. But the optimist sees injustice as something discordant and unexpected, and it stings him into action.

miauw62

  • Bay Watcher
  • Every time you get ahead / it's just another hit
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #36 on: May 31, 2012, 11:54:49 am »

CA Anti-Virus, on the other hand, is horrible and should never be used by anyone ever for any reason.

Novashield is worse.
Logged

Quote from: NW_Kohaku
they wouldn't be able to tell the difference between the raving confessions of a mass murdering cannibal from a recipe to bake a pie.
Knowing Belgium, everyone will vote for themselves out of mistrust for anyone else, and some kind of weird direct democracy coalition will need to be formed from 11 million or so individuals.

Aklyon

  • Bay Watcher
  • Fate~
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #37 on: May 31, 2012, 11:57:41 am »

I've never heard of Novashield before, and CA A-V I might have but it doesn't sound familiar.
Logged
Crystalline (SG)
Sigtext
Quote from: RedKing
It's known as the Oppai-Kaiju effect. The islands of Japan generate a sort anti-gravity field, which allows breasts to behave as if in microgravity. It's also what allows Godzilla and friends to become 50 stories tall, and lets ninjas run up the side of a skyscraper.

miauw62

  • Bay Watcher
  • Every time you get ahead / it's just another hit
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #38 on: May 31, 2012, 12:10:32 pm »

Well, there are some very good reasons for that...

EDIT:
I misspelled it, its navashield. *facepalm*
Logged

Quote from: NW_Kohaku
they wouldn't be able to tell the difference between the raving confessions of a mass murdering cannibal from a recipe to bake a pie.
Knowing Belgium, everyone will vote for themselves out of mistrust for anyone else, and some kind of weird direct democracy coalition will need to be formed from 11 million or so individuals.

RedKing

  • Bay Watcher
  • hoo hoo motherfucker
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #39 on: May 31, 2012, 01:38:06 pm »

Interesting sidenote:
McAfee just in the past couple of days added a new Trojan to their DAT file (Generic.dx!b2mn). This sucker is turning up in surveillance video players that on CDs from years ago. Makes me wonder how compromised some of the surveillance networks have been.  :o
Logged

Remember, knowledge is power. The power to make other people feel stupid.
Quote from: Neil DeGrasse Tyson
Science is like an inoculation against charlatans who would have you believe whatever it is they tell you.

alway

  • Bay Watcher
  • 🏳️‍⚧️
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #40 on: June 01, 2012, 07:35:43 pm »

http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?pagewanted=5&_r=3&seid=auto&smid=tw-nytimes

I highly recommend reading this NYT piece, as it pretty thoroughly describes the birth of Stuxnet, it's testing, it's use against the Iranian nuclear program, it's escape from Natanz, and generally the whole process of it. And summing up with:
Quote
American cyberattacks are not limited to Iran, but the focus of attention, as one administration official put it, “has been overwhelmingly on one country.” There is no reason to believe that will remain the case for long. Some officials question why the same techniques have not been used more aggressively against North Korea. Others see chances to disrupt Chinese military plans, forces in Syria on the way to suppress the uprising there, and Qaeda operations around the world. “We’ve considered a lot more attacks than we have gone ahead with,” one former intelligence official said.

Mr. Obama has repeatedly told his aides that there are risks to using — and particularly to overusing — the weapon. In fact, no country’s infrastructure is more dependent on computer systems, and thus more vulnerable to attack, than that of the United States. It is only a matter of time, most experts believe, before it becomes the target of the same kind of weapon that the Americans have used, secretly, against Iran.
« Last Edit: June 01, 2012, 07:54:54 pm by alway »
Logged

Sheb

  • Bay Watcher
  • You Are An Avatar
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #41 on: June 02, 2012, 09:32:15 am »

PTW.
Logged

Quote from: Paul-Henry Spaak
Europe consists only of small countries, some of which know it and some of which don’t yet.

Skyrunner

  • Bay Watcher
  • ?!?!
    • View Profile
    • Portfolio
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #42 on: June 02, 2012, 09:41:32 am »

Note that Flame can't affect your BlueTooth enable car, for example. It has custom firmware that probably can't understand Lua, and probably is heavily protected enough to block Flame.

On the other hand, your Windows Phone might be vulnerable :P
Logged

bay12 lower boards IRC:irc.darkmyst.org @ #bay12lb
"Oh, they never lie. They dissemble, evade, prevaricate, confoud, confuse, distract, obscure, subtly misrepresent and willfully misunderstand with what often appears to be a positively gleeful relish ... but they never lie" -- Look To Windward

miauw62

  • Bay Watcher
  • Every time you get ahead / it's just another hit
    • View Profile
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #43 on: June 02, 2012, 09:42:12 am »

Cue the thread derailing into mac peeps saying:
'we no has virusses!'
Logged

Quote from: NW_Kohaku
they wouldn't be able to tell the difference between the raving confessions of a mass murdering cannibal from a recipe to bake a pie.
Knowing Belgium, everyone will vote for themselves out of mistrust for anyone else, and some kind of weird direct democracy coalition will need to be formed from 11 million or so individuals.

Skyrunner

  • Bay Watcher
  • ?!?!
    • View Profile
    • Portfolio
Re: Flame Virus targets Iran, other Middle Eastern nations
« Reply #44 on: June 02, 2012, 09:45:41 am »

's true in this case : it says Flame attacks Windows.
Logged

bay12 lower boards IRC:irc.darkmyst.org @ #bay12lb
"Oh, they never lie. They dissemble, evade, prevaricate, confoud, confuse, distract, obscure, subtly misrepresent and willfully misunderstand with what often appears to be a positively gleeful relish ... but they never lie" -- Look To Windward
Pages: 1 2 [3] 4 5