Iran Confirms Attack by New Data Virus

Source: NY Times

The computers of high-ranking Iranian officials appear to have been penetrated by a data-mining virus called Flame, in what may be the most destructive cyberattack on Iran since the notorious Stuxnet virus, an Iranian cyberdefense organization confirmed on Tuesday.

In a message posted on its Web site, Iran’s Computer Emergency Response Team Coordination Center warned that the virus is potentially more harmful than the 2010 Stuxnet virus, which destroyed several centrifuges used for Iran’s nuclear enrichment program. In contrast to Stuxnet, the newly identified virus is designed not to do damage but to secretly collect information from a wide variety of sources.

Flame, which experts say could be as many as five years old, was discovered by Iranian cyberexperts. In a statement about Flame on its Web site, Kaspersky Lab, a Russian producer of antivirus software, said that “the complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date.”

The virus bears special encryption hallmarks that an Iranian cyberdefense official said bear strong similarities to previous Israeli malware. “Its encryption has a special pattern which you only see coming from Israel,” said Kamran Napelian, an official with Iran’s Computer Emergency Response Team. “Unfortunately, they are very powerful in the field of I.T.”

Read more: http://www.nytimes.com/2012/05/30/world/middleeast/iran-confirms-cyber-attack-by-new-virus-called-flame.html