Last week, researchers at Kaspersky Labs announced they had discovered Flame malware, a complex targeted virus that has been infecting computers through the Middle East.
Believed to be a cyber-espionage tool, Flame is said to have spread by taking advantage of spoofed Microsoft security certificates. Flame malware leaves a backdoor on computers and can be used to steal documents, spy on network traffic, log key strokes, record audio communications and take screenshots, among other things. Flame spreads within a network via a USB thumb drive, network shares, or a shared printer spool vulnerability and spreads only when instructed to do so by the attackers. It can propagate itself through a local network, much like a computer worm.
The largest concentration of infected machines is in Iran, followed by the Palestinian-controlled West Bank, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt.
It’s unclear who wrote and distributed the malware, but researchers believe it was a nation-state or someone hired by a nation-state because of the advanced nature of the threat. The software is not designed to steal financial data and does not seem targeted at consumers.
“The complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date,” according to a statement released by Kaspersky Labs, one of ACE IT Solutions technology partners.
Microsoft has taken several measures, including the release of a Windows patch, to fix security holes. Most of the major antivirus software now detects Flame, so keeping your security software updated will protect your network.
Are you protected from Flame?
You can rely on ACE IT Solutions to protect your network from potential threats via specific anti-virus and malware protection and 24×7 network monitoring. Contact us today to ensure your network is fully protected.