by Ronny W
Technology advances rapidly, and so do the hackers out there. They are developing large-scale viruses too. Recently, a virus called Flame has been loose in Iran and other Middle Eastern countries. Flame aims to steal sensitive data from infected PCs. “Kaspersky describes Flame as a backdoor and a Trojan with worm-like features. The initial point of entry for the virus is unknown — spearphishing or infected websites are possibilities — but after the initial infection, the virus can spread through USB sticks or local networks.” (Newman, 2012) Flame can get information from input boxes and passwords hidden by asterisks. Flame can record audio from a connected mic or take screenshots of important applications. Flame “can also collect information about nearby discoverable Bluetooth devices. The virus then uploads all this information to command and control servers, of which there are about a dozen scattered around the world.” (Newman, 2012) Flame’s code occupies more than 20MB, and only 500K of Stuxnet’s code is analyzed. So it will take years to fully understand 20MB of Flame code. The code doesn’t seem to be after money or bank accounts, but it is aiming at bigger infrastructure. There is speculation that it could be a nation-created virus.

During class time, it was mentioned that viruses and other kinds of attacks happen within organizations. The article mentions that the virus can spread through USB sticks or local networks, which is exactly what we talked about in class. An insider attack is harder to prevent than an outsider attack. An insider attack spreads a lot quicker and easier because everyone is connected to the network. Attacks made within the organization can be more devastating.

I think as long as organizations keep their firewalls up at all times and have some sort of anti-virus program running, they should be able to prevent viruses and malware. On the other hand, if the attacks are intentional, then it is really hard to prevent them besides having really good protection. One of the ways to prevent attacks is unplugging the CAT5 cable. It is your ultimate defense from all outside attacks, but if it is an insider attack, then it is really hard to be prepared for that. Well, organizations have to worry about different attackers out there, and so do individual users. It is always a good idea to keep protections up at all times to keep our personal information safe.

Newman, J. (2012, May 30). The Flame virus: Your FAQs answered. Retrieved from http://www.pcworld.com/article/256508/the_flame_virus_your_faqs_answered.html

FAQs about Flame the Virus

  • June 1, 2012 at 8:42 am

    A code that big and a speculation that it could have been created by another country sounds interesting, to say the least. Just hope those companies can keep up to date with their software, especially if viruses that are seemingly as advanced as Flame are out there or will be out there.

  • June 1, 2012 at 3:29 pm

    People never seem to surprise me nowadays because people can create huge, complex viruses without having to try so hard. These advances in viruses would only hurt everyone else that doesn’t know how to stop the virus. It would seem that virus protection companies have a lot of work to do to try and combat newer and newer viruses every day.

  • June 2, 2012 at 2:21 am

    The location of the virus seems kinda suspicious. I think it might have been a targeted attack, which might explain why it was successful and not easily detected.

  • June 2, 2012 at 1:16 pm

    I know that 20MB is relatively small compared to gigabytes of data, but how could someone download it on a USB without knowing something? Perhaps the virus doesn’t display itself in the directory. It’s scary. Everyone could have this virus but it’s not active, or we don’t know we’re being spied on yet.

  • June 2, 2012 at 6:14 pm

    This virus is scary because it can be transferred through a USB stick, which is not something I would think of when I think of a virus. I feel that this virus must have taken years to write, since 20MB seems huge and a lot of information to go through if we are to ever figure out how it works.

  • June 2, 2012 at 10:10 pm

    Well, when I was taking the CS375 class, the professor showed us a video describing how computers can all just be infected with a bot program, which doesn’t do anything. It is just waiting for a command from the controller. When the commander sends out the command, it will be a massive attack.

