Author Topic: FLAME CYBER WAR WEAPON FOUND IN IRAN  (Read 2188 times)

Offline Reginald Hudlin

  • Landlord
  • Honorary Wakandan
  • *****
  • Posts: 10019
    • View Profile
« on: May 29, 2012, 04:40:12 am »

By Jim Finkle
BOSTON (Reuters) - Security experts said on Monday a highly sophisticated computer virus is infecting computers in Iran and other Middle East countries and may have been deployed at least five years ago to engage in state-sponsored cyber espionage.
Evidence suggest that the virus, dubbed Flame, may have been built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010, according to Kaspersky Lab, the Russian cyber security software maker that took credit for discovering the infections.

Kaspersky researchers said they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.

Iran has accused the United States and Israel of deploying Stuxnet.

Cyber security experts said the discovery publicly demonstrates what experts privy to classified information have long known: that nations have been using pieces of malicious computer code as weapons to promote their security interests for several years.
"This is one of many, many campaigns that happen all the time and never make it into the public domain," said Alexander Klimburg, a cyber security expert at the Austrian Institute for International Affairs.

A cyber security agency in Iran said on its English website that Flame bore a "close relation" to Stuxnet, the notorious computer worm that attacked that country's nuclear program in 2010 and is the first publicly known example of a cyber weapon.
Iran's National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran have said were responsible for massive data losses on some Iranian computer systems.

Kaspersky Lab said it discovered Flame after a U.N. telecommunications agency asked it to analyze data on malicious software across the Middle East in search of the data-wiping virus reported by Iran.

Experts at Kaspersky Lab and Hungary's Laboratory of Cryptography and System Security who have spent weeks studying Flame said they have yet to find any evidence that it can attack infrastructure, delete data or inflict other physical damage.
Yet they said they are in the early stages of their investigations and that they may discover other purposes beyond data theft. It took researchers months to determine the key mysteries behind Stuxnet, including the purpose of modules used to attack a uranium enrichment facility at Natanz, Iran.

If Kaspersky's findings are validated, Flame could go down in history as the third major cyber weapon uncovered after Stuxnet and its data-stealing cousin Duqu, named after the Star Wars villain.
The Moscow-based company is controlled by Russian malware researcher Eugene Kaspersky. It gained notoriety after solving several mysteries surrounding Stuxnet and Duqu.

Officials with Symantec Corp and Intel Corp McAfee security division, the top 2 makers of anti-virus software, said they were studying Flame.

"It seems to be more complex than Duqu but it's too early to tell its place in history," said Dave Marcus, director of advanced research and threat intelligence with McAfee.

Symantec Security Response manager Vikram Thakur said that his company's experts believed there was a "high" probability that Flame was among the most complex pieces of malicious software ever discovered.
At least one rival of Kaspersky expressed skepticism.

Privately held Webroot said its automatic virus-scanning engines detected Flame in December 2007, but that it did not pay much attention because the code was not particularly menacing.

That is partly because it was easy to discover and remove, said Webroot Vice President Joe Jaroch. "There are many more dangerous threats out there today," he said.

Kaspersky's research shows the largest number of infected machines are in Iran, followed by Israel and the Palestinian territories, then Sudan and Syria.

The virus contains about 20 times as much code as Stuxnet, which caused centrifuges to fail at the Iranian enrichment facility it attacked. It has about 100 times as much code as a typical virus designed to steal financial information, said Kaspersky Lab senior researcher Roel Schouwenberg.

Flame can gather data files, remotely change settings on computers, turn on PC microphones to record conversations, take screen shots and log instant messaging chats.

Kaspersky Lab said Flame and Stuxnet appear to infect machines by exploiting the same flaw in the Windows operating system and that both viruses employ a similar way of spreading.

That means the teams that built Stuxnet and Duqu might have had access to the same technology as the team that built Flame, Schouwenberg said.

He said that a nation state would have the capability to build such a sophisticated tool, but declined to comment on which countries might do so.

The question of who built flame is sure to become a hot topic in the security community as well as the diplomatic world.

There is some controversy over who was behind Stuxnet and Duqu. Some experts suspect the United States and Israel, a view that was laid out in a January 2011 New York Times report that said it came from a joint program begun around 2004 to undermine what they say are Iran's efforts to build a bomb.

The U.S. Defense Department, CIA, State Department, National Security Agency, and U.S. Cyber Command declined to comment.
Hungarian researcher Boldizsar Bencsath, whose Laboratory of Cryptography and Systems Security first discovered Duqu, said his analysis shows that Flame may have been active for at least five years and perhaps eight years or more.

That implies it was active long before Stuxnet.

"It's huge and overly complex, which makes me think it's a first-generation data gathering tool," said Neil Fisher, vice president for global security solutions at Unisys Corp. "We are going to find more of these things over time."

Others said cyber weapons technology has inevitably advanced since Flame was built.

"The scary thing for me is: if this is what they were capable of five years ago, I can only think what they are developing now," Mohan Koo, managing director of British-based Dtex Systems cyber security company.

Some experts speculated that the discovery of the virus may have dealt a psychological blow to its victims, on top of whatever damage Flame may have already inflicted to their computers.

"If a government initiated the attack it might not care that the attack was discovered," said Klimburg of the Austrian Institute for International Affairs. "The psychological effect of the penetration could be nearly as profitable as the intelligence gathered."

Offline Battle

  • Honorary Wakandan
  • *****
  • Posts: 11167
  • M.A.X. Commander
    • View Profile
« Reply #1 on: June 23, 2021, 08:21:54 pm »
Wednesday, 23rd June  Twenty One
John McAfee Found Dead In Jail
by Paulina Villegas, Devlin Barrett, Harrison Smith and Max Hauptman

John McAfee, creator of the anti-virus company that bears his name, was found dead in his jail cell in Barcelona on Wednesday while awaiting extradition to the United States to face charges of tax evasion.

Authorities were investigating the cause of death, the Catalan Department of Justice said, “but everything points at a suicide.”

Medics tried to resuscitate him but were not able to do so.

Nishay K. Sanan, McAfee’s attorney, confirmed his death but said he did not know the cause.

McAfee, 75, was arrested in October when he was about to board a flight to Turkey at Barcelona-El Prat Airport.

He had been charged in the United States with evading taxes related to millions of dollars’ worth of cryptocurrency.

A Spanish court ruled Wednesday that he could be extradited to the United States.

U.S. authorities accused McAfee of not filing tax returns from 2014 to 2018 after he earned millions of dollars in income from several sources including “speaking engagements, for the rights to his life story for a documentary, for work as a consultant, and for promoting cryptocurrencies,” according to a federal indictment filed last year.

McAfee also faced U.S. charges of conspiracy to commit commodities and securities fraud, conspiracy to commit securities and touting fraud, wire fraud and money laundering related “to the fraudulent promotion to investors of cryptocurrencies qualifying under federal law as commodities or securities,” the U.S. Department of Justice announced in a March news release.

McAfee and his accomplices allegedly secured more than $13 million from investors they defrauded, the statement said.

According to the FBI, McAfee and one of his associates, Jimmy Gale Watson Jr., used social media to perpetrate a “pump-and-dump” scheme in which they promoted the sale of digital currencies without disclosing to investors that they were being compensated to tout them, the statement added.

A U.S. Justice Department spokeswoman declined to comment on the charges against McAfee on Wednesday.

McAfee founded his anti-virus software company in 1987, having previously worked as a computer programmer and government contractor.

An early pioneer in the industry, the company grew rapidly to encompass more than half of the anti-virus software market.

McAfee resigned from the company in 1994, selling his remaining shares and embarking on several other business ventures.

McAfee lived a lavish public lifestyle, funded instant-messaging and firewall software ventures, and invested in real estate.

Profiled by CNBC in 2009 while living in Belize, McAfee said the global financial crisis had wiped out much of his wealth.

In 2012, McAfee was named as a suspect in the killing of an American expatriate businessman named Gregory Faull.

McAfee denied the allegations and later fled Belize, illegally crossing into neighboring Guatemala before being deported back to the United States.

A final post on McAfee’s verified Instagram account, made shortly after reports of his death began to surface, was a “Q.”

Many users connected the message to QAnon, a sprawling set of falsities that have coalesced into an extremist ideology that has radicalized its followers.

It has incited violence and criminal acts, and the FBI has designated it a domestic terrorism threat.

The post was the first use of the account in several months, having made no past reference to the QAnon ideology that took hold during individual-1.

It was not the first time McAfee had referenced his own death.

In October, 2020, McAfee tweeted,

“Know that if I hang myself, a la Epstein, it will be no fault of mine,” referring to billionaire financier Jeffrey Epstein, who died of an apparent hanging in a New York jail after being charged with sexually abusing girls.

McAfee made a similar reference a year earlier, showing a picture of himself with a tattoo reading “$wackd” and the message “If I suicide myself, I didn’t.”

The company that still uses his name responded to news of his death Wednesday, saying:

“Although John McAfee founded the company, he has not been associated with our company in any capacity for over 25 years. That said, our thoughts go to his family and those close to him.”