Today's conventional software for protecting PCs from viruses may be becoming outmoded, given the discovery made a couple of weeks ago in Middle Eastern countries Iran, Russia and Hungary.
The discovery is named Flame. It is a powerful piece of malware that has been carrying out targeted cyber espionage for at least two years, and Hungary's CrySyS Lab quickly declared it "the most complex malware ever found."
But what is it that makes Flame so deadly for computers and such a failure for the antivirus industry?
The malware can spread to other systems over a LAN or via USB. It copies documents, records audio, keystrokes, network traffic, and even Skype calls, and takes screenshots from infected computers. That information is passed along to one of several command-and-control servers operated by its creators, after which the malware awaits further instructions from these servers. In all that time, no security software raises the alarm.
Conventional antivirus software detects threats by comparing the code of software programs and their activity against a database of "signatures" for known malware. Security companies such as F-Secure and McAfee constantly research reports of new malware and update their lists of signatures accordingly. The result is supposed to be an impenetrable wall that keeps the bad guys out.
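To make the signature approach concrete, here is a small added example (not taken from any antivirus product, and not part of the original article) of a scanner that checks files against a hash signature and a byte-pattern signature. The sample byte strings and signature names are constructed for illustration; the third sample shows why code that is not yet in the database produces no alert.

```python
import hashlib
import re

# Constructed byte strings standing in for program files; none is real malware.
KNOWN_SAMPLE = b"MZ\x90\x00" + b"\x55\x8b\xec\x83\xec\x10" + b"collect-and-upload" + b"\x00" * 8
VARIANT_SAMPLE = b"MZ\x90\x00" + b"\x55\x8b\xec\x83\xec\x20" + b"collect-and-upload" + b"\x00" * 12
UNSEEN_SAMPLE = b"MZ\x90\x00" + b"\x48\x89\xe5" + b"new-unlisted-module" + b"\x00" * 8

# Hash signature: matches one exact file and nothing else.
# Signature names are hypothetical.
HASH_SIGNATURES = {hashlib.sha256(KNOWN_SAMPLE).hexdigest(): "Example.Known.A"}

# Byte-pattern signature: fixed bytes with "??" as a one-byte wildcard,
# so it also matches rebuilt variants that share the same code fragment.
PATTERN_SIGNATURES = {"Example.Known.Generic": "55 8b ec 83 ec ?? 63 6f 6c 6c 65 63 74"}


def compile_pattern(hex_pattern):
    """Turn a hex pattern with ?? wildcards into a compiled bytes regex."""
    parts = []
    for token in hex_pattern.split():
        parts.append(b"." if token == "??" else re.escape(bytes.fromhex(token)))
    return re.compile(b"".join(parts), re.DOTALL)


COMPILED = {name: compile_pattern(p) for name, p in PATTERN_SIGNATURES.items()}


def scan(data):
    """Return the names of all signatures that match the given file content."""
    hits = []
    name = HASH_SIGNATURES.get(hashlib.sha256(data).hexdigest())
    if name:
        hits.append(name)
    for name, rx in COMPILED.items():
        if rx.search(data):
            hits.append(name)
    return hits


if __name__ == "__main__":
    for label, sample in [("known", KNOWN_SAMPLE), ("variant", VARIANT_SAMPLE),
                          ("unseen", UNSEEN_SAMPLE)]:
        print(label, scan(sample) or "no detection")
```

The scanner can only report what its database already describes, which is why defenders pair signatures with behavioural and network monitoring.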
However, in recent years, high-profile attacks on not just the Iranian government but also the U.S. government have taken place using software that, like Flame, was able to waltz straight past signature-based software. Many technically sophisticated U.S. companies (including Google and the computer security firm RSA) have been targeted in similar ways for their corporate secrets, though with less expensive malware. Smaller companies are also routinely compromised, experts say.
Antivirus companies have been quick to point out that Flame is no ordinary computer virus. It came from the well-resourced world of international espionage. But such cyberweapons cause collateral damage (the Stuxnet worm targeted at the Iranian nuclear program actually infected an estimated 100,000 computers), and features of their designs are being adopted by criminals and less-resourced groups.