Tuesday, May 29, 2012

Meet 'Flame', The Massive Spy Malware Infiltrating Iranian Computers | Threat Level | Wired.com

From a malware platform profile
"Early analysis of Flame by the Lab indicates that it’s designed primarily to spy on the users of infected computers and steal data from them, including documents, recorded conversations and keystrokes. It also opens a backdoor to infected systems to allow the attackers to tweak the toolkit and add new functionality.
The malware, which is 20 megabytes when all of its modules are installed, contains multiple libraries, SQLite3 databases, various levels of encryption — some strong, some weak — and 20 plug-ins that can be swapped in and out to provide various functionality for the attackers. It even contains some code that is written in the LUA programming language — an uncommon choice for malware."
Meet 'Flame', The Massive Spy Malware Infiltrating Iranian Computers | Threat Level | Wired.com

No comments: