English-Language Cyberwar Software Might Have Targeted Iran
(NEW YORK) — An act of “cyberwar” has been discovered by researchers who say that a malicious computer virus, written by English speakers and known as “Flame,” has targeted Iran and the Middle East, and might have focused on oil and energy production, according to cybersecurity firm Symantec.
A cyber-attack launched against Iranian oil terminals and knocking them off line in April might have been caused by “Flame,” a complicated software program that can steal all of the information on a computer and possibly work to erase its hard drive, according to Vikram Thakur, a manager at Symantec security systems.
Thakur told ABC News on Monday that early analysis of the software shows that it is the most complicated malware ever written and deployed, and that it is has been stealing information from targeted users for at least two years.
While it is unknown who designed or launched Flame, the software uses code words like “Jimmy” that lead researches to believe its makers are native English speakers. Furthermore, the complexity of code and language are not something that “average hackers could come up with,” Thakur said.
“We can’t pinpoint who is actually behind it but we can narrow the list of potential actors,” he said. “It’s a project that’s been out for years, and flown under the radar. It is extremely well funded.”
The U.S. State Department had no comment on the matter when reached on Monday, but expected to address it at a news conference Tuesday morning.
Thakur said that because the malware has been around for years without notice or abandonment, it is likely that it successfully stole sensitive information from computers it infected.
“According to the data we have, all of the infections were very local to parts of the Middle East: Iran, United Arab Emirates, Hungary, and smaller countries as well, but we believe that the actual targets of this piece of malware was an even smaller set of countries, and possibly just Iran,” Thakur said.
The cyber-attack is the second such malware targeted against Iran. The Stuxnet computer virus attacked Iran’s nuclear facilities and damaged centrifuges in 2010, delaying Iran’s production of enriched uranium. More than half of Stuxnet-infected computers were located in Iran, and it was widely believed that the United States or Israel was involved in the attack.
Copyright 2012 ABC News Radio