June 6, 2012 by Joseph Fitsanakis
By JOSEPH FITSANAKIS | intelNews.org |
When the Stuxnet computer virus was detected, in 2010, it was recognized as the most sophisticated malware ever created. It had been specifically designed to sabotage Siemens industrial software systems, which were used in Iran’s nuclear energy program. Not surprisingly, most Stuxnet-infected computers were in Iran. Now a new, massive and extremely sophisticated piece of malware has been detected in computers belonging to the Iranian National Oil Company and Iran’s Ministry of Petroleum. It is called Flame and, according to antivirus company Kaspersky Lab, which first spotted the virus last week, it is “one of the most complex threats ever discovered”. Simply consider that Stuxnet, which caused unprecedented waves of panic among Iranian cybersecurity experts, was 500 kilobytes in size. Flame is over 20 megabytes in size, consisting of 650,000 lines of code; it is so complex that it is expected to take programming analysts around a decade to fully comprehend. The two are different, of course. Stuxnet was an infrastructure-sabotaging malware, which destroyed hundreds —maybe even thousands—of Iranian nuclear centrifuges. Flame, on the other hand, appears to be an espionage tool: it aims to surreptitiously collect information from infected systems. What connects them is their intended target: Iran. We now have Stuxnet, the most complex sabotaging malware ever discovered, which must have taken dozens of programmers several months to create, and Flame, the world’s most powerful cyberespionage tool ever detected by computer security experts. And both have been primarily directed at Iranian government computers.