Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Flame: The Massive Stuxnet-Level Malware Sweeping the Middle East

samzenpus posted more than 2 years ago | from the new-bad-guy dept.

Security 224

An anonymous reader writes "Wired is reporting on a massive, highly sophisticated piece of malware has been newly found infecting systems in Iran and elsewhere and is believed to be part of a well-coordinated, ongoing, state-run cyberespionage operation. Kaspersky Lab, the company that discovered the malware, has a FAQ with more details."

cancel ×

224 comments

Sorry! There are no comments related to the filter you selected.

First post (-1, Offtopic)

Elldallan (901501) | more than 2 years ago | (#40136833)

tada

Re:First post (-1)

Anonymous Coward | more than 2 years ago | (#40137305)

dam u str8 babygurl

Re:First post (1)

Anonymous Coward | more than 2 years ago | (#40137709)

Well yes, but which OS does this malware run on?

FAQs /.ed (0)

vlm (69642) | more than 2 years ago | (#40136849)

The FAQ above is /.ed. Anyone have a better link? Maybe something at isc.sans.edu or ... ? I'm not terribly interested in reading FUD or stuff run thru a journalist filter for 4th graders, a technical link would be appreciated.

Re:FAQs /.ed (1)

kae77 (1006997) | more than 2 years ago | (#40136865)

You must have just missed it. I read through the whole article -- it's written by a researcher working on the project, not just a journalist who's trying to make it understandable for everyone. It's certainly not a white paper on the technical aspects, but it's fairly robust in it's description on the information they have today.

Re:FAQs /.ed (3, Informative)

matty619 (630957) | more than 2 years ago | (#40136901)

Re:FAQs /.ed (1)

matty619 (630957) | more than 2 years ago | (#40136907)

Sorry, all I got.

Re:FAQs /.ed (5, Funny)

ColdWetDog (752185) | more than 2 years ago | (#40136905)

TFA purports that somebody wrote a bunch of code that is a virus, trojan, malware and toaster driver all at once. Nobody knows who did it or why, but they must be very smart. It hijacks data, voice, video and neural transmissions and appears to be able to perform telekinesis. It was likely written sometime after 1996 and before 2021.

It's big.. Really big. So big that it would fit on any USB drive or email attachment created since, well, 1996.

It's smart. Really smart. So smart that it's going to take us literally months of press reports to get it out.

It goes after the Usual Suspects. It may or may not be related to Stuxnet, tilde, Steven P. Jobs or George Bush (either or both of them).

For some strange reason, the coders wrote the thing pretty much unobfuscated. Except that unobfuscated isn't a word.

Be afraid. Be very afraid.

Good Times (1)

djl4570 (801529) | more than 2 years ago | (#40137115)

Sounds like a description of "Good Times." Will it chase gradeschoolers with my snow blower?

Re:Good Times (1)

fleebait (1432569) | more than 2 years ago | (#40137439)

Sounds like a description of "Good Times." Will it chase gradeschoolers with my snow blower?

There's an attachment for that!

It's a what? (5, Funny)

AliasMarlowe (1042386) | more than 2 years ago | (#40137159)

TFA purports that somebody wrote a bunch of code that is a virus, trojan, malware and toaster driver all at once.

You mean it's like a Facebook phone?
Apart from the toaster bit, which might be useful...

Re:It's a what? (0)

Anonymous Coward | more than 2 years ago | (#40137721)

You mean it's like a Facebook phone?

More likely that it's like Microsoft's latest OS. Except that it's free. And SOMEBODY wanted it.

Re:FAQs /.ed (4, Insightful)

Frosty Piss (770223) | more than 2 years ago | (#40137257)

The story also states:

its complexity, the geographic scope of its infections and its behavior indicate strongly that a nation-state is behind Flame, rather than common cyber-criminals â" marking it as yet another tool in the growing arsenal of cyberweaponry.

What I don't understand is why a massive and technically complex piece of malware necessarily has to be written by a "nation-state"? There are no really smart hackers around that might want to do something like this for the challenge? One might think that a smart hacker might want to point the smoking gun in a different direction?

Explain, please.

Re:FAQs /.ed (3, Informative)

TheRealMindChild (743925) | more than 2 years ago | (#40137331)

I think it is both a matter of money and resources. A "nation-state" has as much money as anyone can, and they also can place moles/agents in a lot of places where your average, even "smart", hacker would shit his pants. Not only that, a lone man can only do so much

Re:FAQs /.ed (2, Insightful)

hairyfeet (841228) | more than 2 years ago | (#40137955)

because the average cyber criminal is gonna go after a large target because like all criminals they are lazy and want the most bang for their time, whereas these things are HIGHLY specialized, with Stux it was specialized to the point of absurdity, so while your average or even smart cyber criminal isn't gonna bother attacking a system with such a small target area and which takes more work than say...ohh...fooling someone with an SMS scam nations on the other hand that want to fuck something specific up without going to war will spend the bux to build something like this.

Re:FAQs /.ed (2)

couchslug (175151) | more than 2 years ago | (#40137281)

"Except that unobfuscated isn't a word."

http://en.wiktionary.org/wiki/unobfuscated [wiktionary.org]

Re:FAQs /.ed (0, Flamebait)

Anonymous Coward | more than 2 years ago | (#40137549)

And Wikitionary isn't a dictionary, it's a faggot hangout.

Re:FAQs /.ed (0)

Anonymous Coward | more than 2 years ago | (#40137751)

unobfuscated [merriam-webster.com]

Re:FAQs /.ed (1)

Arancaytar (966377) | more than 2 years ago | (#40137519)

before 2021.

Paging John Connor...

Re:FAQs /.ed (0)

Anonymous Coward | more than 2 years ago | (#40137939)

Wow - sound like Window XP :)

Kap Crap (0, Interesting)

Anonymous Coward | more than 2 years ago | (#40136851)

Isn't this the same company that made the bogust spoof about malware on systems? With an aggressive "NEED TO UPGRADE TO PREMIUM?"

Kaspersky Again (4, Interesting)

matty619 (630957) | more than 2 years ago | (#40136869)

Is it coincidence that a Russian security firm keeps finding these clandestine state-sponsored Middle-eastern directed malware? Or are US and European security firms simply instructed to look the other way? /tinfoilhat

Re:Kaspersky Again (0)

rockout (1039072) | more than 2 years ago | (#40136895)

Since it's only been twice, I think we can call it a coincidence.

Re:Kaspersky Again (3, Interesting)

mpoulton (689851) | more than 2 years ago | (#40136931)

In my opinion, Us, European, and Russian security firms should ALL be looking the other way and keeping their mouths shut. Once it's reasonably clear that a piece of malware is an espionage tool directed at our mutual targets of intelligence interest, and that it doesn't pose a general threat to our own information security, they should keep it to themselves. There's nothing patriotic, altruistic, laudable, or beneficial about screwing up legitimate national intelligence projects. This ain't a scandal, corruption, or anything of the sort.

Re:Kaspersky Again (5, Insightful)

NeutronCowboy (896098) | more than 2 years ago | (#40136957)

What about keeping the general population informed about what the world is up to? You know, so that the electorate can make electoral decisions based on actual information rather than fear-mongering? Or is this just an outdated concept, and we should let our politicians just tell us what we should worry about?

Re:Kaspersky Again (5, Insightful)

mpoulton (689851) | more than 2 years ago | (#40137031)

Should the details of the latest stealth aircraft technology be publicly disclosed so voters can make informed decisions? The latest in radar-absorbing paint, if it exists in a usable form? Nuclear weapon design details (the important details, not the general info that's already public)? Every detail of the President's personal security? Come on. Some things are relevant enough to the political process that voters must be informed. Other things are not, and secrecy is critically important for some of them.

Re:Kaspersky Again (2, Informative)

NeutronCowboy (896098) | more than 2 years ago | (#40137061)

Holy crap dude - can you understand the difference between understanding what your opponents are up to, and technical details and specs of your gadgetry? One is something that is crucial towards formulating an effective strategy, the other is crucial to formulating battlefield tactics. I'm sure you can figure out which is which.

Re:Kaspersky Again (1)

Em Adespoton (792954) | more than 2 years ago | (#40137075)

Should the details of the latest stealth aircraft technology be publicly disclosed so voters can make informed decisions? The latest in radar-absorbing paint, if it exists in a usable form? Nuclear weapon design details (the important details, not the general info that's already public)? Every detail of the President's personal security? Come on. Some things are relevant enough to the political process that voters must be informed. Other things are not, and secrecy is critically important for some of them.

The answer to the first one anyway is "yes" -- assuming that it's not your country who's working on it. While all the security companies have a US presence, most are global in scope, and a sizeable portion of their customers are not in the US.

Re:Kaspersky Again (4, Insightful)

Anonymous Coward | more than 2 years ago | (#40137125)

Should the details of the latest stealth aircraft technology be publicly disclosed so voters can make informed decisions? The latest in radar-absorbing paint, if it exists in a usable form? Nuclear weapon design details (the important details, not the general info that's already public)? Every detail of the President's personal security? Come on. Some things are relevant enough to the political process that voters must be informed. Other things are not, and secrecy is critically important for some of them.

Ok I'll say it. If you don't want something to go public DON'T post it on the internet.
Stealth technology is fucking secret. You don't see the details on the internet do you ?
Secret is secret, putting something on the internet is everything except secret.

Re:Kaspersky Again (4, Interesting)

spazdor (902907) | more than 2 years ago | (#40137231)

Should the details of the latest stealth aircraft technology be publicly disclosed so voters can make informed decisions?

If the latest stealth aircraft is designed to break into civilians' homes and hide there, then, um, yes. Yes they should.

Re:Kaspersky Again (5, Insightful)

flaming error (1041742) | more than 2 years ago | (#40137251)

Liberty is less threatened by foreign evildoers than by domestic injustice. Laws that stack the deck, and laws that are selectively enforced, are what any lovers of freedom should fear.

It's not secret technology that protects us. Freedom's only hope is a people that won't take crap from their government.

I think armed revolution would be a stupid and counterproductive idea. But bloodless or bloody, technical tactical details of the hardware we've bought with our own money could be handy to know.

Of course it's not as simple as I portray it, but progress and freedom depend on transparency, warfare and tyranny depend on secrecy. When so much is secret, even our laws, we must ask ourselves if our priorities are straight.

Re:Kaspersky Again (0)

Anonymous Coward | more than 2 years ago | (#40137243)

Um, I think you need to come with me to uhh "summer camp" for re-educa..... I mean, summer fun activities sir!!

Re:Kaspersky Again (2)

couchslug (175151) | more than 2 years ago | (#40137289)

"You know, so that the electorate can make electoral decisions based on actual information rather than fear-mongering?"

As if they would ever do such a thing. Most people are contemptibly stupid and deserve the politicians they CHOOSE to elect and support with such passion.

Re:Kaspersky Again (1)

K. S. Kyosuke (729550) | more than 2 years ago | (#40137353)

What about keeping the general population informed about what the world is up to?

Because of the overall "quality" of media worldwide, removing such a limitation on information dissemination would hardly amount to achieving the goal of the general population being informed.

Re:Kaspersky Again (3, Interesting)

houghi (78078) | more than 2 years ago | (#40137681)

Voting is done by emotion, not by logic.

Belgium has a multi-party system and before the elctions there was a voting test (stemtest) if you did not know who to vote for.
With several questions about statements and the importance of those statements.

Several politicians who tried it where apparently in the wrong party. That could be explained that they went to a certain party for whatever reason.

Several friends of mine who did the test got to a different party then what they would normally vote for. When I asked them if they would vote for that new party, the answer was mostly no and sometimes, I do not know yet.

When I asked why, the answers where always emotional, not rational. These people were well informed and STILL went with their emotions. Some of them based on fear, others on not wanting to break tradition "because that who they voted for before".

Re:Kaspersky Again (5, Insightful)

gstoddart (321705) | more than 2 years ago | (#40137003)

There's nothing patriotic, altruistic, laudable, or beneficial about screwing up legitimate national intelligence projects.

Why should they care about 'national intelligence' as it pertains to other countries? They have no duty to protect whoever created this. Hell, until they've done the analysis, they don't even know who the hell it is.

If you have code out there that's an attack vector, it's a vulnerability for everyone. If someone repurposed the attack, it's something which can be exploited.

Do you think people should have laid low on the topic of the Sony rootkit on CDs because, clearly they were justified?

I don't buy your argument -- security researchers are looking for vulnerabilities we could all be subject to.

National intelligence be damned ... how the hell are you supposed to know what is being targeted and by whom? Did China write this? The US? Russia? Tuvalu?

That's like saying people should stop worrying if the police are breaking laws because they're doing it for our own good. Then ends don't always justify the means.

Re:Kaspersky Again (0)

pitchpipe (708843) | more than 2 years ago | (#40137069)

Sorry, I don't have mod points so... MOD PARENT UP.

Re:Kaspersky Again (1)

Anonymous Coward | more than 2 years ago | (#40137271)

Once it's reasonably clear that a piece of malware is an espionage tool directed at our mutual targets of intelligence interest, and that it doesn't pose a general threat to our own information security, they should keep it to themselves

Perhaps you could take that thought further, and consider what the act of making this piece of malware public indicates about the nature of threat to our own information security.

Re:Kaspersky Again (1)

Anonymous Coward | more than 2 years ago | (#40137351)

Dear sir, you are an idiot.

Not every one who is vilified by the media or the politicians is a true enemy and not every so called friendly state and receives billions in aid an ally (Packistan and alikes)...

Re:Kaspersky Again (1)

Anonymous Coward | more than 2 years ago | (#40137569)

Every piece of malware is a general threat to information security.

The only legitimate interest is the continued progress of civilization, and a global information infrastructure is required for this. Anything threatening it will be exposed and dealt with.

Re:Kaspersky Again (2)

John Hasler (414242) | more than 2 years ago | (#40137683)

There's nothing patriotic, altruistic, laudable, or beneficial about screwing up legitimate national intelligence projects.

There exist differences of opinion as to what is "legitimate".

Re:Kaspersky Again (0)

jo42 (227475) | more than 2 years ago | (#40137685)

There's nothing patriotic, altruistic, laudable, or beneficial about screwing up legitimate national intelligence projects.

"Heil mpoulton!" "Heil, mein Fuhrer!!" "Sieg Heil!!!"

Re:Kaspersky Again (0)

Anonymous Coward | more than 2 years ago | (#40137759)

Umm excuse me? If the story is true...it's illegal, or is that not important to you? For instance, it's a guess that it was done by a 'nation-state'...maybe it was an individual or a corporation...so should that be ignored? It's not like someone signed the damn thing 'Property of the US Intelligence Service'...this company is getting PAID to find and eradicate 'bad stuff', they wouldn't be doing their job if they just ignore it. Of course since it's happening to the 'bad guys' you are o.k. with it, provided 'bad' & 'good' is defined to your satisfaction.

Re:Kaspersky Again (0)

Anonymous Coward | more than 2 years ago | (#40136933)

Good theory I think, but no hard facts for it. Perhaps if it happened a few more times. Nothing stopping the western faction from "uncovering" any number of things they planted themselves.

Re:Kaspersky Again (2)

gl4ss (559668) | more than 2 years ago | (#40136953)

well.. in this case apparently they just "re-found" it. it was already discoverd.

kaspersky just brought to "western" world by calling it "super cyber-weapon" because it's soooo complex by having 3000 lines of lua and 20mbytes of libs(ssh, lua and some shit like that).

Re:Kaspersky Again (1)

sosume (680416) | more than 2 years ago | (#40136963)

Most US-made products are illegal to be sold to Iran, both export- and import restrictions will apply. Defying such rules guarantees life-long trouble at the airport and when dealing with the government. A Russian antivirus company won't have such problems; theoretically they could be barred from the US and European markets for selling advanced technology to Iran but that seems unlikely at the moment.

Re:Kaspersky Again (1)

O('_')O_Bush (1162487) | more than 2 years ago | (#40137023)

Maybe Russia has more access to middle eastern states that play nice with Russia than the U.S./Europe and their ties with Israel do?

Re:Kaspersky Again (1)

mTor (18585) | more than 2 years ago | (#40137111)

I have no idea whether American firms are "in on it" but if I was running Windows and I needed AV solution, Kaspersky AV would be my top choice simply because of their track record.

Re:Kaspersky Again (2)

0123456 (636235) | more than 2 years ago | (#40137373)

Indeed. Who would buy an AV solution with a declared record of not blocking 'it's in a good cause' malware?

Re:Kaspersky Again (1)

geniice (1336589) | more than 2 years ago | (#40137423)

Could be a marketing strategy. This kind of stuff is of limited interest to conventional security firms (a focused attack by someone with more resources than you isn't something you can do much about and isn't a very large market) but it does make your company look like they know what they are doing. US and European companies may use different marketing strategies.

Re:Kaspersky Again (2)

artor3 (1344997) | more than 2 years ago | (#40137501)

No coincidence, but not a conspiracy either. Kaspersky wants to sell protection throughout the Middle East, and this is a great way to market it. The US & European firms know that such a marketing strategy would be a lost cause for them.

Going against the trend (4, Interesting)

satuon (1822492) | more than 2 years ago | (#40136871)

It seems those kinds of viruses are going against the trends, which is using social engineering nowadays, and not very sophisticated software. For example, the oh-so-dangerous Chinese hackers mostly use tactics which boil down to sending emails asking you in clever ways to execute the attached exe or to enter your username and password on their website that looks like your legitimate one.

It's refreshing to see a virus which targets, you know, the actual computer instead of the user.

A Step in the Right Direction (-1, Troll)

craigminah (1885846) | more than 2 years ago | (#40136875)

Since Iran support/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons (although the material may be slightly too crude to weaponize at the moment), I see no problems with this type of attack. It's not going to have much collateral damage (I doubt it would target a water plant, for example, only the nuclear facilities), it won't be heard of much in the news because it identifies a weakness, and is very hard to trace but it has the potential to slow Iranian nuclear weapons development. Looks good...what am I missing?

I'd bet the malware was developed either in Israel or the USA...probably Israel with USA support. This could create problems but I think this is a good move.

Re:A Step in the Right Direction (2)

gmuslera (3436) | more than 2 years ago | (#40136913)

A good move? Starting a arms race in a field where you are the most vulnerable player? Is isn't a nuclear thermonuclear one, but in this one the best move is not to play too.

Re:A Step in the Right Direction (1, Interesting)

Anonymous Coward | more than 2 years ago | (#40137039)

Since Iran support/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons I see no problems with this type of attack.

And if this was turned around and directed at the US this would be suddenly bad, right?

Because you're the "good guys" so if you do it then it must be OK and if everyone else did it, it should be a crime?

Fuck, no wonder people think America applies a nice double standard to themselves -- fuck you and your Manifest Destiny.

I'll take security researchers who aren't going to just shut up to let security holes be out there to be exploited.

Re:A Step in the Right Direction (3, Insightful)

lgw (121541) | more than 2 years ago | (#40137161)

Well, hard to say if it's realy a weapon, but if so I also approve.

Think about it: this may well be a war, an agreessive confilct between twonations, one of which has nuclear weapons, and the other is close. And how many casualties so far? How many cities levelled? This is a good weapon, as weapons go!

Sure, eventually we'll be attacked by the same, and there will be casualties, but it somehow seems less dangerous to civilians than dropping skyscrapers.

Re:A Step in the Right Direction (3, Insightful)

RodBee (2607323) | more than 2 years ago | (#40137359)

Wait.

Do you seriously believe Iran will eventually attack the USA?

For real? Do you think Khamenei will, someday, wake up, drink his coffee and say "What a nice day! I'll deploy the long-range missile technology I don't have to blow up a location half the planet away from me, just because Rush Limbaugh said I probably would do it."?

Re:A Step in the Right Direction (0)

Anonymous Coward | more than 2 years ago | (#40137387)

In hindsight, was project manhattan worth it?

Re:A Step in the Right Direction (1)

Anonymous Coward | more than 2 years ago | (#40137197)

Since Iran support/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons ..., I see no problems with this type of attack.

Seriously? The USA has a history of supporting/sponsoring terrorists, among other political shenanigans, and has enough nuclear material to make more than five nuclear weapons. By your reasoning it should be perfectly acceptable to carry out this kind of attack against them, too.

Re:A Step in the Right Direction (0)

Anonymous Coward | more than 2 years ago | (#40137739)

Since Iran support/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons ..., I see no problems with this type of attack.

Seriously? The USA has a history of supporting/sponsoring terrorists, among other political shenanigans, and has enough nuclear material to make more than five nuclear weapons. By your reasoning it should be perfectly acceptable to carry out this kind of attack against them, too.

But....but..... god is on their side!

Re:A Step in the Right Direction (5, Insightful)

pitchpipe (708843) | more than 2 years ago | (#40137219)

You obviously didn't RTFA, because if you would have, you would have noticed this sentence.

Kaspersky discovered the malware about two weeks ago after the United Nations' International Telecommunications Union asked the Lab to look into reports in April that computers belonging to the Iranian Oil Ministry and the Iranian National Oil Company had been hit with malware that was stealing and deleting information from the systems.

Why do you jump to the conclusion that if it is targeting Iran it must be a good thing? Do you ever question what you see in the media? What if it was written by programmers hired by wall streeters that were trying to gain an upper hand on the oil market, thereby basically stealing money from the Iranians and from you? Still a good thing? This is probably not the case, but that's just it: until we find out all of the details we need to keep our minds open and quizzical, and question who is feeding us what bullshit and why.

Propaganda is getting more and more sophisticated; it is coming at you from all directions. I'm not saying be paranoid, just to realize that most media that gets presented to you has a purpose. Once in a while see if you can divine that purpose.

Try some critical thinking.

Re:A Step in the Right Direction (4, Insightful)

buchner.johannes (1139593) | more than 2 years ago | (#40137473)

Since Iran support/sponsors terrorists and has enough nuclear material to make an estimated five nuclear weapons (although the material may be slightly too crude to weaponize at the moment),

I'd bet the malware was developed either in Israel or the USA...probably Israel with USA support. This could create problems but I think this is a good move.

I think you should work on your premise there. I don't know which terrorists you speak of. The US and Isreal support terrorists ("freedom fighters") when it is in their interest. Both have large amounts of nuclear weapons. Aren't you applying double standards here? How do you know Iran are the evil guys here (just because they are being portrayed as such in the media)? Iranian leadership is whacky, but it isn't warmongering.

Re:A Step in the Right Direction (0)

Anonymous Coward | more than 2 years ago | (#40137557)

Jeezus fuck, FOX news much?

Goddamned hypocritical, sociopathic Americans... can't even recognize propaganda. That's the difference between the folks in countries like Iran and yourselves - they're smart enough to know their government are lying scumbags who overtly manipulate information, you're too fucking dumb and blind to know or acknowledge it.

It's idiots like you that make this world a far less safe place. Fix your fucking selves before trying to 'fix' the world.

Re:A Step in the Right Direction (0)

Anonymous Coward | more than 2 years ago | (#40137597)

Well, the last time this happend (stuxnet) it fuku'd up an unintended target [berkeley.edu] .

Is public disclosure and analysis a good idea? (0)

mpoulton (689851) | more than 2 years ago | (#40136891)

If the researchers quickly surmised that this is a spy tool deployed by our allies against targets of intelligence interest, it seems like a bad idea to publicly disclose it. This isn't a "Wikileaks" type scenario where they're exposing government corruption for the good of the public. They're just compromising the usefulness of an (apparently sophisticated and expensive) spying tool. Chant all you want about the futility of security through obscurity; it is the entire basis of much espionage, and historically the cooperation of the public in hiding information about intelligence programs has been critical to their effectiveness. That has been true not only in the US but also in Russia where Kaspersky is based. Of course we used to be concealing our intelligence activities from each other, but now our interests are aligned, at least with respect to Iran.

Re:Is public disclosure and analysis a good idea? (1)

0123456 (636235) | more than 2 years ago | (#40136909)

Yeah, because when similar malware hits us in the West we want it to be a total surprise.

Re:Is public disclosure and analysis a good idea? (3, Insightful)

Elldallan (901501) | more than 2 years ago | (#40136977)

Yes it is clearly not in the best interest of the intelligence community to be discovered with whatever plot they're currently plotting away at. On the other hand Kaspersky wants profit, being the first to report on something like this will likely gain them space in the spotlight for the moment at least which translates to profit, so it is probably not in the best interest of Kaspersky to comply with the intelligence community's need for obscurity unless they pay them enough enough(or use some less pleasant means of coercion).

Re:Is public disclosure and analysis a good idea? (2)

Savage-Rabbit (308260) | more than 2 years ago | (#40137677)

On the other hand Kaspersky wants profit, being the first to report on something like this will likely gain them space in the spotlight for the moment at least which translates to profit...

Profit? If I had been a victim of this malware I'd be pretty pissed at Kaspersky since I'd definitely prefer to keep a very tight lid on this. There is great value in using a tool like this, once it has been discovered, to feed it's operator (presumably the Mossad) a big and steaming pile of plausible bullshit.

Re:Is public disclosure and analysis a good idea? (0)

Anonymous Coward | more than 2 years ago | (#40137015)

Well, Russia isn't really so friendly with the USA. Go look at some Russian news outlets...

Related info (-1)

Anonymous Coward | more than 2 years ago | (#40136897)

Here is an interesting, informative article [trollaxor.com] related to the topic of this story.

Re:Related info (0)

Anonymous Coward | more than 2 years ago | (#40137315)

Here is an interesting, informative article related to the topic of this story.

I saw this post demoted, I knew where it led before clicking on it.

The AmigA was all about hardware.

Just because someone happened to work on an Amiga OS doesn't make their Linux variant run like an Amiga

But this is off topic and should be buried.

Pssh, script kiddies (0)

Anonymous Coward | more than 2 years ago | (#40136921)

Using LUA?

Re:Pssh, script kiddies (1)

uhuru_meditation (2573595) | more than 2 years ago | (#40137927)

LUA is cool. Very compact - good for writing small VMs.

mod uP (-1)

Anonymous Coward | more than 2 years ago | (#40136923)

*BSD BUT FRREBSd encountered while

Seriously?? (2)

lexsird (1208192) | more than 2 years ago | (#40136927)

Here we declare that any such actions against us are an act of war, right? If it's an act of war against us, isn't it an act of war against them? Are we behind this? If so, WTF?

Re:Seriously?? (4, Interesting)

Genda (560240) | more than 2 years ago | (#40136971)

First we got the bomb, and that was good,
'Cause we love peace and motherhood.
Then Russia got the bomb, but that's okay,
'Cause the balance of power's maintained that way.
Who's next?
France got the bomb, but don't you grieve,
'Cause they're on our side (I believe).
China got the bomb, but have no fears,
They can't wipe us out for at least five years.
Who's next?

-- Tom Lerher "Who's Next"

Alabama (0)

Anonymous Coward | more than 2 years ago | (#40137291)

First it was the civil war, then that pesky 1901 democratic consitution then the bomb? I guess it's fitting to talk about the next civil war on memorial day... X marks the spot, right?

Re:Seriously?? (1)

Mansing (42708) | more than 2 years ago | (#40137973)

âoeWe'll try to stay serene and calm
When Alabama gets the bomb.â

Re:Seriously?? (1)

mpoulton (689851) | more than 2 years ago | (#40136973)

Here we declare that any such actions against us are an act of war, right? If it's an act of war against us, isn't it an act of war against them? Are we behind this? If so, WTF?

Um, wrong. Where did you get the idea that the US views malware-based foreign espionage as an act of war? If we did, we'd be bombing China. If we're not behind this I'll be disappointed.

Re:Seriously?? (1)

0123456 (636235) | more than 2 years ago | (#40136993)

Um, wrong. Where did you get the idea that the US views malware-based foreign espionage as an act of war?

So if important US systems were infested with Iranian-government malware, Congress wouldn't be demanding that Obama bomb Iran this afternoon?

Re:Seriously?? (1)

Elldallan (901501) | more than 2 years ago | (#40137063)

If it was just espionage and not sabotage they would probably just quietly fix the vulnerabilities and bury the fact that it ever happened as deep as possible, you don't want to publicly admit that critical infrastructure is that vulnerable. Actual sabotage on the other hand would probably be an entirely different story, at least if enough people got hurt or the sabotage was widespread enough that it could not be covered up, if it can still be covered up then it is in their own interest to quietly cover up the fact that it ever happened.

Re:Seriously?? (3, Interesting)

mpoulton (689851) | more than 2 years ago | (#40137065)

Um, wrong. Where did you get the idea that the US views malware-based foreign espionage as an act of war?

So if important US systems were infested with Iranian-government malware, Congress wouldn't be demanding that Obama bomb Iran this afternoon?

Important US government systems ARE being continuously attacked by Chinese-government actors, and Congress is NOT demanding that Obama bomb China. I don't think the result would be any different if it were Iran doing it (and they're probably trying). "Cyber-warfare" is not real war, and in practice it does not provoke a military response these days. It's happening all the time.

Re:Seriously?? (3, Interesting)

Anonymous Coward | more than 2 years ago | (#40137451)

And what do you think are you going to bomb in China, exactly? Your own company's factories? "God damn it, stop hacking us or we'll bomb our own ipad factory!" Yeah, the Chinese are fucking scared...

Re:Seriously?? (4, Interesting)

Anonymous Coward | more than 2 years ago | (#40137471)

Actually it's funny this is right out of Marxist philosophy which says whoever controls the means of the production are the rulers of that society. Well, over the last 20 years China has pulled in all of the world production so guess what that means? Haha, the Chinese are pretty crafty. If only Americans had read Marx instead of burning it they might have seen it coming.

Re:Seriously?? (1)

Elldallan (901501) | more than 2 years ago | (#40136995)

Any such act IS an act of war but thats only a problem if the enemy has the capability and the will to strike back. US/Israel obviously thinks that Iran currently doesn't have the will or capability.

Besides it's typically only a problem if the aggressor is unable to credibly deny the accusations

Re:Seriously?? (0)

Anonymous Coward | more than 2 years ago | (#40137047)

Here we declare that any such actions against us are an act of war, right?

No, since you asked. The US is pretty tolerant of cyber attacks. Little is said about it.

Re:Seriously?? (0)

Anonymous Coward | more than 2 years ago | (#40137173)

Here we declare that any such actions against us are an act of war, right?

No, since you asked. The US is pretty tolerant of cyber attacks. Little is said about it.

The US is not tolerant of cyber attacks. But it can't do otherwise than being tolerant else they would have to bomb a nuclear country. And not even the US is stupid enough to do it. So you bow your head, shout all you want and continue getting ass raped.

Re:Seriously?? (4, Insightful)

Reapman (740286) | more than 2 years ago | (#40137095)

Yeah, just like all the spying and such that went on between the US and Soviet Union - everytime someone was caught it ended up in a new world war.

Oh wait no it didn't. Just because the tools changed doesn't mean much else has. This sort of thing has gone on as long as nations have existed (if not longer), and will go on. If any of this is new or exciting for you, you need to get out more.

Enemy nations spy on each other. Friendly nations spy on each other. It's what nations do. It's not a "ZOMG this proves (nation I hate) is evil!" material.

Re:Seriously?? (0)

Anonymous Coward | more than 2 years ago | (#40137575)

If it's an act of war against us, isn't it an act of war against them?

Pretty sure that ship sailed a long, long time ago. Sponsoring terrorism (oh right, they're 'freedom fighters' when they're on the US's side) and overthrowing democratically elected governments for more than half a century.

"Why do they hate us?" - fucking dumbest question ever.

Ahhh, and they just started... (1)

Genda (560240) | more than 2 years ago | (#40136939)

Ahhh, and they just started enriching uranium again. I guess it's back to yellow cake, and mud pies. Thanks for playing "You bet your P.C.

Who made Flame? (5, Interesting)

Anonymous Coward | more than 2 years ago | (#40137021)

Who made Flame?

Flame seems to use libraries with permissive licenses only. No hacktivists or cybercriminals would care about this issue, they would use whatever works best.

This leaves governments, they might. Why? Because if it ever becomes known who actually made it, that party would need to release all of the sources, had they used libraries under some copyleft license! Why? Well, whoever made Flame has already obviously distributed binaries, so suing for copyleft violation would happen in court, and it would be many people suing, especially the counterparty is the government. It would be a PR disaster, and to risk that on an election year? No way.

Also, Flame requires a considerable infrastructure to store and analyze the spied information. Which governments would be capable of pulling this off? All the big ones with a lot of money to spend: China, Russia, Great Britain, France, USA, Japan, ...

So, which government cares a lot about intellectual property? China? Nope. Russia? Nope. Great Britain - well, yeah. Personally, I don't think it was Great Britain. It would be enlightening to check the Flame Lua-parts (or other plaintext in the main Flame) for spelling of -ise vs. -ize. I bet there's -ize and not -ise.

It is said that Stuxnet and Flame share similar 0-day holes. The nation which developed Stuxnet is Israel and they have a strong history of military and intelligence collaboration with USA. Israel would not have had the capability or capacity to run two such parallel programs on its own.

So who HAS likely NOT made Flame? Drop the nations which are one way or another unlikely candidates, and only one name is really left.

So, who made Flame?
USA made Flame. This is what I think. What's your analysis?

the last 4 stories concern: (5, Funny)

circletimessquare (444983) | more than 2 years ago | (#40137237)

1. a scarier version of stuxnet
2. a Facebook smarphone
3. secret backdoors on military chips
4. workplace havoc because of OS fake holidays

I was going to accuse Slashdot of fearmongering, until I doublechecked and found out that, yes, Facebook really is trying to build a smartphone.

The Apocalypse is near.

"Daemon" anyone? (0)

Anonymous Coward | more than 2 years ago | (#40137239)

I swear this is a page out of that book.

When do we get razorbacks?

DOE compliant (1)

Trax3001BBS (2368736) | more than 2 years ago | (#40137347)


It destroys, then removes all traces of itself.

FTA: "The disk destroyed by Wiper/Viper was filled primarily with random trash, and almost nothing could be recovered from it,"

Very impressive piece of work, done in a language my keyboard can understand.

So can the Americans STFU (-1, Flamebait)

compucomp2 (1776668) | more than 2 years ago | (#40137367)

about the supposed Chinese hackers? Since they're doing the same thing themselves against people they don't like?

But of course they won't. The West can't help but be sanctimonious and hypocritical.

Re:So can the Americans STFU (0)

cornjones (33009) | more than 2 years ago | (#40137507)

about the supposed Chinese hackers? Since they're doing the same thing themselves against people they don't like?

But of course they won't. The West can't help but be sanctimonious and hypocritical.

why would we think this is the US rather than Israel?

Flame Wars (-1, Offtopic)

RPGillespie (2478442) | more than 2 years ago | (#40137457)

There is unrest on the Internet. Several thousand users have declared their intentions to leave the Republic. This Seperatist movement, inspired by the mysterious DuQu, has made it difficult for the limited number of Jedi Knights to maintain peace and order in the Internet...

Right... (0, Insightful)

Anonymous Coward | more than 2 years ago | (#40137967)

OK, the facts, as presented so far:

- Massive, extremely sophisticated spyware is detected on computers in a few Middle East countries; dubbed "Flame", it is suposed to be similar to the infamous (well, at least for some) Stuxnet malware.
- It is not stated that, the origin of the spyware is a North American government.
- The only company that makes a public announcement about this spyware is Kaspersky Lab, a Russian security company, although the spyware in question is supposed to have been "out there" since 2007.
- Kaspersky Lab (KL) made the public announcement, however they do not provide scanner/remover for Flame; in fact, a Flame search at the KL site returns no hits.

Are we to believe that other AV compenies did not know about it? Why is it that no major AV software reports it? Why is it that no Flame remover is publicly available yet?
Load More Comments
Slashdot Login

Need an Account?

Forgot your password?