Experts specializing in malware from Bitdefender have uncovered a special capability in Flame’s code that allows the virus to steal data from computers that are not connected to the Internet or networked machines. Flame can move stolen data to a USB memory stick plugged into an infected harddrive. Bitdefender asserts that this ability has never been witnessed before.
This cyber-espionage virus will move stolen information to an USB outlet, then seemingly wait for the chance to upload it to the malware controllers once the infected computer links to the Internet.
Bogdan Botezatu, malware analyst from Bitdefeder, said:
It turns users into data mules. Chances are, at some point, a user with an infected flash drive will plug it into a secure computer in a contained environment, and Flame will carry the target’s information from the protected environment to the outside world…It uses its ability to infect to ensure an escape route for the data. This is is somewhat revolutionary for a piece of malware. Eugene Kaspersky, of the Russian Kaspersky Lab, uncovered Flame under orders from the UN.
At the Global Media and Technology Summit, Kaspersky’s team made the connection between Flame and Stuxnet and the cyberattack on Iran by the US and Israel.
The US and Israel came together to attack Iran; along with the European Union and a wide range of employed experts to guarantee that the worm would perform as planned.
This virus attacked and damaged Iranian centrifuges used to enrich uranium at the Natanz facility.
The Obama administration claims to be “launching an investigation into Flame, which is a highly classified project.
Independent researchers have long attributed Stuxnet and Flame to the same cyberattacks and even claimed they are the same virus. Kaspersky’s lab has hard evidence of this fact.
The Pentagon, through a report in 2011, assessed that the US is involved in cyberespionage, but claims it is a defense to the thefts of industrial and defense secrets of other cyberspies.
Roel Schouwenberg, a senior researcher at Kaspersky Lab, commented: We are now 100 percent sure that the Flame and Stuxnet groups worked together. The fact that the Flame group shared their source code with the Stuxnet group shows they cooperated at least once. These two viruses share the same pieces of code at their based developmental stage, making them virtually identical; and most likely created by the same entity.
Alexander Gostev, Kaspersky Lab’s Chief Security Expert, says:
What we have found is very strong evidence that the Stuxnet/Duqu and Flame cyberweapons are connected. Hypocritically, the US government complained about the Chinese government’s cyberattack of their citizens dating back to 1999 after the UN’s NATO bombed the Chinese Embassy.
Just last week, the Obama administration admitted to teaming up with Israel to create Stuxnet which attempts to extend “full spectrum dominance” in the Internet. While continuing the cyberattacks begun with former President Bush. The same virus was called Olympic Games back then.
President Obama, trying to displace responsibility and blame, has suggested that the New York Times made-up their stories on Flame, Stuxnet and his administration’s involvement.
This journalistic propaganda, designed to admit through confusion, will allow the White House to not acknowledge their responsibility with the blanket of plausible deniability.
Israel has not publicly admitted nor denied involvement with Obama’s cyberattacks, Flame or Stuxnet.
