Say hello to the Flame Virus.

If you have been keeping up with latest technology/computer news, you may already be aware of this; but I felt that I should post this for our members since most of us use Windows computers; which this virus affects.

Kaspersky was the first antivirus software company to discover the Flame Virus, and was described as in an article from PCWorld.com:

Quote :

Kaspersky describes Flame as a backdoor and a Trojan with worm-like features. The initial point of entry for the virus is unknown -- spearphishing or infected websites are possibilities -- but after the initial infection, the virus can spread through USB sticks or local networks.

Flame is meant to gather information from infected PCs. As Kaspersky's Vitaly Kamlyuk told RT, the virus can sniff out information from input boxes, including passwords hidden by asterisks, record audio from a connected microphone and take screenshots of applications that the virus deems important, such as IM programs. It can also collect information about nearby discoverable Bluetooth devices. The virus then uploads all this information to command and control servers, of which there are about a dozen scattered around the world.

The virus is reminiscent of the Stuxnet worm that wreaked havoc on Iran in 2010, but Kaspersky says Flame is much complex, with its modules occupying more than 20 MB of code. “Consider this: it took us several months to analyze the 500K code of Stuxnet. It will probably take year to fully understand the 20MB of code of Flame,” the firm said.

So in the most basic terminology I can think of, this virus is a backdoor, a trojan, a worm, and Conficker all rolled into a great cluster**** of cyber-warfare. It can pull just about ANY information from your computer and even gives the controllers the ability to DELETE your files if so desired and can direct the computer to spread the virus by whatever means it pleases.

Now, what the quote there doesn't mention is that the virus spoofs Windows Update security certificates so they actually look like they came FROM Microsoft. Most of the infected computers have been isolated in places like Iran and the Middle East, and has basically been using for espionage for other countries, and is very complex and complicated as a program; but there is always the possibility that this virus can leak out into the consumer market or that someone will get there hands on the code for this.

Be careful what your computer is updating and keep track of everything (backup your important data on an external harddrive too, just in case!) A bit of vigilance goes a long way.

Further Reading and Articles about the Flame Virus:

CNET.COM: http://news.cnet.com/8301-10805_3-57447277-75/flame-virus-can-hijack-pcs-by-spoofing-windows-update/
PCWORLD.COM: http://www.pcworld.com/article/256508/the_flame_virus_your_faqs_answered.html
CIO TODAY: http://www.cio-today.com/story.xhtml?story_id=01100000JPR6
REUTERS: http://www.reuters.com/article/2012/06/05/microsoft-flame-idUSL1E8H52PO20120605
VIDEO FROM REUTERS EXPLAINING THE VIRUS: http://uk.reuters.com/video/2012/05/30/reuters-tv-deconstructing-the-flame-virus-how-it-wo?videoId=235736835

Aside from that, happy and safe web surfing folks!

- Zeroki

Microsoft has released yesterday (5-06-2012) and update patch to solve the problem, which makes the fake digital certificate useless on the computer, as it would not be trusted anymore by Windows.

The makers of the virus got the certificate by abusing a bug in the Windows Terminal Services.

Further from investigation by the New York Times to see who is behind the Stuxnet, they came out to the U.S. Government with cooperation of Israel, with the making of it. The Development started under the administration of Bush, and Obama ordered a sped up for it.

My Source after running it through the google translator: http://translate.google.nl/translate?sl=nl&tl=en&js=n&prev=_t&hl=nl&ie=UTF-8&layout=2&eotf=1&u=http%3A%2F%2Fnos.nl%2Fartikel%2F380265-microsoft-verhelpt-flamelek.html&act=url

More food for the reader:
www.Nu.nl about the virus and FBI investigating leaks: http://translate.google.nl/translate?hl=nl&sl=nl&tl=en&u=http%3A%2F%2Fwww.nu.nl%2Finternet%2F2828099%2Ffbi-onderzoekt-lekken-cyberaanval-iran.html

New York times: http://www.nytimes.com/2012/06/01/world/middleeast/obama-ordered-wave-of-cyberattacks-against-iran.html?_r=1&pagewanted=1&ref=global-home

The Wall Street journal: http://online.wsj.com/article/SB10001424052702303506404577448563517340188.html?mod=wsj_share_tweet

Yeah. I'd heard it was created by the U.S. government as a cyberweapon. Surprise surprise... it got leaked. Didn't see that coming .

Thanks for the warning, I'll be advised to watch for it!

Kaspersky Labs has released a PDF file about the development of the virus and found a connection between the Flame and Stuxnet. In the early stages of the development they worked together and it can be also transfered by USB Stick.

Here is the PDF file: http://tweakimg.net/files/upload/Suxnet_and_Flame.pdf