Showing posts with label cyberweapons. Show all posts
Showing posts with label cyberweapons. Show all posts

Friday, June 1, 2012

Powerful ‘Flame’ cyberweapon tied to popular Angry Birds game



By Catherine Herridge

The most sophisticated and powerful cyberweapon uncovered to date was written in the LUA computer language, cyber security experts tell Fox News -- the same one used to make the incredibly popular Angry Birds game.

LUA is favored by game programmers because it’s easy to use and easy to embed.  Flame is described as enormously powerful and large, containing some 250,000 lines of code, making it far larger than other such cyberweapons. Yet it was built with gamer code, said Cedric Leighton, a retired Air Force Intelligence officer who now consults in the national security arena.

“The people who developed the malware … found an ingenious way to use a code not part and parcel of a hacker’s normal arsenal, and that made it harder to detect,” he told Fox News.

But this new weapon is twenty times the size of earlier cyberbombs and far more powerful, making it practically an army on its own, said Roel Schouwenberg, a senior security researcher with Kaspersky Labs.

“Flame is a cyberespionage operation,” he told FoxNews.com.

The reconnaissance virus variously called “Worm.Win32.Flame” or simply “Flame” resembles some of its predecessors, notably DUQU. DUQU was like a computer advance team for the Stuxnet virus that ravaged the Iranian nuclear program at Natanz in 2009. Flame is likewise a form of spyware that enters a computer system, though exactly how is unclear.

“A thumb drive is one way of introducing Flame,” Leighton told Fox News. “But once you know the email address or computer IP address … they can introduce Flame remotely.”

Cyber experts tell Fox News that once in a computer network, Flame is powerful enough to initiate webcams, microphones, and Bluetooth connections in order to extract contact lists, record conversations and more.

It was likely built by the same nation-state responsible for the Stuxnet virus that targeted Iran’s nuclear power plant. One of the leading candidates, is Israel, because Flame has been found in Saudi Arabia, Palestinian territories, Syria, Iran and Hungary.

Israeli Vice Premier Moshe Ya'alon on Tuesday hinted to a local radio station that his country was indeed responsible for it.

"Whoever sees the Iranian threat as a serious threat would be likely to take different steps, including these, in order to hurt them," Ya’alon said.

The spyware has been seen in Israel as well – something that could be a red herring, Leighton said.

Flame came to light when the U.N. International Telecommunications Union (which oversees cyberactivities for the body) received reports of unusual activity.  A Russian security firm first identified it, noting that the virus has apparently existed in these networks for several years undetected.

The U.N. body is expected to release a warning Wednesday that Flame is a significant threat.