Want CNET to notify you of price drops and the latest stories?

Flame virus could attack other nations

The International Telecommunications Union is set to warn nations about the threat of the virus that has already hit Iran and parts of the Middle East.

Lance Whitney Contributing Writer
Lance Whitney is a freelance technology writer and trainer and a former IT professional. He's written for Time, CNET, PCMag, and several other publications. He's the author of two tech books--one on Windows and another on LinkedIn.
Lance Whitney
2 min read

The Flame virus recently found in Iran could be used to infect other countries, according to the International Telecommunications Union.

As the United Nations agency charged with helping members protect their data networks, the ITU plans to issue a warning about the danger of Flame.

"This is the most serious (cyber) warning we have ever put out," Marco Obiso, cyber security coordinator for the ITU, told Reuters. The warning will paint the virus as a "dangerous espionage tool that could potentially be used to attack critical infrastructure," Reuters added.

Flame was recently identified as a culprit in a cyberattack against Iran and countries in the Middle East. The malware was caught stealing sensitive data from computer systems and files and is also designed to capture information from computer displays and audio conversations.

Security vendor Kaspersky Labs, which claims to have uncovered Flame on behalf of an ITU request, said it's around 20 times the size of Stuxnet, the virus that infected an Iranian nuclear plant in 2010. Kaspersky believes the new malware exceeds other threats known to date in both complexity and functionality.

The ITU is also airing on the side of caution, with Obiso calling Flame a "much more serious threat than Stuxnet," believing that the virus was likely created by a nation state. However, others don't share the same doom and gloom attitude.

Hacking expert Jeff Moss, who serves on the Department of Homeland Security's advisory council, said the ITU and Kaspersky were "overreacting" to the spread of Flame, Reuters noted. And researcher Marcus Carey from security firm Rapid7 said that every new malware discovered these days seems to be called "the worst ever."

CNET contacted the ITU for comment. We'll update the story when we get more information.

Amidst the debate over the threat of Flame, Iran claims to have achieved victory over the virus.

The country's National Computer Emergency Response Team said that it has engineered a defense against the malware that can identify and remove it, according to BBC News. The response team also said the security tool was actually completed in early May and is now ready to be sent to organizations in danger of being infected.

Any long-term analysis of Flame, also known as SkyWiper, could take awhile.

McAfee has found that the virus's main module alone consists of more 650,000 lines of code. And much of the code is purposely confusing to thwart security experts from easily deciphering it.

But that same complexity could keep other cybercriminals from adopting the code for their own purposes.

"The extraordinary amount of obfuscation of the code ensures that the functionality of the executables is not only hard to understand but also helps reduce the risk that one could capture the code and easily utilize it for their own needs," a McAfee representative said in a statement.