 "Flame Potentially Most Advanced Malware Yet")
Yesterday, news broke that a new strain of highly advanced malware (APT), dubbed Flame (Flamer/Skywiper), has been identified. The variant was found to be prevalent in the Middle East. Recent well-known malware that was also found in the Middle East are Stuxnet and Duqu, both very advanced and ground-breaking. Flame has most likely been in circulation since 2010, but has just been identified. The primary function of Flame is to collect and upload information, which it does in several ways, including recording audio, taking screenshots, compiling a list of nearby Bluetooth devices, and more.
The malware has a total size of about 20 MB, which is huge compared to most malware, which is usually less than 1 MB. One of the main reasons for its relatively much larger size is its extensive embedded functionality. It consists of several modules, such as decompression libraries, a SQL database, and a LUA virtual machine. So far, known vulnerabilities used in this malware are: MS10-046 and MS10-061. Those were both used in Stuxnet and Duqu to maintain persistence and move laterally on infected networks.
Commenting on the same, Carl Leonard, Senior Manager, Websense Security Labs, said: “Flame is potentially the most advanced malware to date, at least in terms of functionality combined with ability to stay hidden over a long period of time. Contributing to its complexity is its sheer size. At a huge 20MB in size if all modules are taken into account, it is about 20-30 times larger than most malware we usually see and incorporates some interesting techniques not common to malware such as using the LUA scripting language for some of its functions. How effective it has been remains to be determined, as there still have only been a small number of infections discovered and it will take some significant research time to deconstruct all of its capabilities.”
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
 "Israel targets top Hamas leaders in Doha; Qatar, Iran condemn strike as violation of sovereignty")
 "Nepal: Oli to continue until new PM is sworn in, nation on edge as all branches of govt torched")
 "Who is CP Radhakrishnan, India's next vice-president?")
 "Israel informed US ahead of strikes on Hamas leaders in Doha, says White House")
