The Flame virus first flickered publicly in May 2012 when the United Nations’ International Telecommunications Union requested the hacking of Iranian computers be investigated.
Although not widespread — only a few hundred targeted computers were thought to have been infected — Flame’s powerful reach was soon revealed to rival that of a virus the likes of which one might encounter in a Hollywood movie. Also known as Flamer and Skywiper, the malware spread via USB drive, much like Stuxnet, a program used by the U.S. government to infiltrate the Iranian nuclear system. Some of its file names referenced American pop culture, including the movie Beetlejuice.
Flame used the Lua programming language, which is most commonly found in the gaming industry and is also the basis of Venmo. Lua can be used to build a program from scratch, but it’s most powerful as an “extension language,” meaning it can be embedded in other programs for quick enhancements.
As a backdoor virus, Flame avoided proper authentication channels as it captured all manner of sensitive information. As a Trojan, Flame disguised itself as a Microsoft software update. As a worm, Flame could easily spread to other systems in a computer’s network. Among its capabilities, Flame could:
- Snap screenshots of infected computers.
- Secretly record conversations using the computer’s built-in microphone.
- Use the computer’s Bluetooth to snag contacts from other nearby Bluetooth-enabled devices.
- Log keystrokes to capture usernames and passwords.
So, who could be behind such a sophisticated threat? To date, no one has taken credit, but experts believe it must have been a nation-state. It certainly wasn’t programmed by a hobbyist teenager. Given the virus’ target (the Middle East, with special mention of the Iranian Oil Ministry and the Iranian National Oil Company), most experts believe the United States and Israel jointly developed Flame.