The Iranian Computer Emergency Response Team (MAHER) claims to have discovered a new targeted malware attack attacking the country, which has been dubbed Flame (also known as Flamer or Skywiper),following on from the Stuxnet and Duqu attacks dating back to 2010.
"The name 'Flamer' comes from one of the attack modules, located at various places in the decrypted malware code. In fact this malware is a platform which is capable of receiving and installing various modules for different goals," Researcher said in the statement.
MAHER claimed that Flame is not detected by any of 43 anti-virus products it tested against, but that detection was issued to select Iranian organisations and companies at the beginning of May.
"A detector was created by Maher centre and delivered to selected organisations and companies in [the] first days of May. And now a removal tool is ready to be delivered."
Maher said the malware was able to carry out several high-profile functions, including network monitoring, disk scanning, screen capturing, recording sound from in-built microphones and infiltrating various Windows systems. It added that Flame can be passed on via devices such as USB sticks.
References:
Kaspersky: The Flame: Questions and Answers
Symantec: Highly Sophisticated and Discreet Threat Targets the Middle East
