The news from cybersecurity researchers this Memorial Day sounded like a plot device from a science fiction movie. A hyper-secret surveillance program laid dormant on computers around the world for years, secretly turning on microphones, taking screenshots, copying files, recording keystrokes, fiddling with Bluetooth, and sending all the information off to unknown parties. Following an investigation request by the United Nations’ International Telecommunications Union, the discovery of Flame–the world’s most sophisticated known weapon of cyberwar–was made public. Many of the infected computers belonged to deliberately targeted home users; the exquisitely crafted software escaped evasion by the world’s best antivirus software suites for years.
According to Alexander Gostev of Kaspersky Labs, one of the first experts to investigate Flame, the product “[sniffs] the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on. All this data is available to the operators through the link to Flame’s command-and-control servers. Later, the operators can choose to upload further modules, which expand Flame’s functionality. There are about 20 modules in total and the purpose of most of them is still being investigated.” Other portions of Flame activate Bluetooth functionality and siphon name/phone number/address info from Bluetooth-enabled phones near infected computers. Flame was written using Lua, a programming language best known for its use in Angry Birds.
Due to Flame’s information-gathering goals, complex construction, multiple redundancies to hide from virus and malware detectors, and the fact that it’s not being used for financial gain, most experts are classifying the product as a cyberwar weapon. What makes Flame especially interesting (and creepy) is the fact that many infected computers are home PCs with Internet connections whose Skype conversations and documents folders were methodically spied on
Read More: Fast Company