Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak.
No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets. Even if you live in a 'safe' region, we'd keep an eye out for any suspicious activity knowing that even a fully updated Windows 7 PC can be compromised.
Flame malware snoops on PCs across the Middle East, makes Stuxnet look small-time originally appeared on Engadget on Mon, 28 May 2012 17:07:00 EDT. Please see our terms for use of feeds.
Permalink 
Wired |
Kaspersky Securelist |
Email this |
Comments
Google Chrome tends to auto update quickly and silently, but you may want to make sure you're on the latest version right now, as the company announced a zero-day vulnerability that it said attackers are "actively exploiting." As Chrome security engi...
Microsoft has rolled out a fix for a zero-day Internet Explorer vulnerability that hackers are already using for targeted attacks. The tech giant didn't elaborate on the scope of those attacks, but it did explain how criminals can use the memory-corr...
Like viruses, cybersecurity charlatans are incidental guests in the body of infosec. These men sell false expertise, conspiracy theories, and invisible security potions and they are as unintentionally hilarious as they are alarming. Case in point: Bu...
Apple has another security issue to deal with. As 9to5Mac reports today, Apple's HomeKit framework has a vulnerability that allows unauthorized access to connected smart devices like locks and garage door openers. Apple has already put in a server-si...
Samsung's Tizen platform might give the company the technological independence it wouldn't have if it stuck to outside software like Android, but it's apparently a security disaster. Researcher Amihai Neiderman tells Motherboard he has discovered 40...
Microsoft is still more than a little upset at Google revealing unpatched Windows security flaws, but it'll at least have a solution in hand in the days ahead. The software giant now plans to issue a patch for affected version of Windows on November...
The Department of Homeland Security is echoing Trend Micro's advice to uninstall QuickTime if you have it on your Windows computer. While the multimedia program's working just fine, the security firm has discovered two new critical vulnerabilities lu...
It's no secret that the FBI uses tech tools like Stingray phone trackers to investigate suspects, but it's now clear that the bureau is willing to go even further than that. Operational Technology Division lead Amy Hess (above) tells the Washington P...
