The virus can not only steal data but disrupt computers by removing critical files, says a Symantec researcher.
The infamous Flame virus can delete files from a computer and is likely the cause of a cyberattack against Iran in April, according to new findings.
Flame was originally identified for its ability to steal data and capture information from keystrokes, PC displays, and audio conversations.
But a new component of Flame uncovered by security firm Symantec gives its operators the power to delete important files from compromised computer systems, Symantec researcher Vikram Thakur revealed yesterday.
Such power means that the virus can disrupt critical software and "completely disable operating systems," Reuters reported based on Thakur's findings.
"These guys have the capability to delete everything on the computer," Thakur said, according to Reuters. "This is not something that is theoretical. It is absolutely there."
If true, Flame can be used as a weapon against nations to attack vital infrastructure systems, such as dams, chemical plants, and manufacturing facilities, Reuters added. And it could have been used as a weapon against Iran this past April.
Boldizsar Bencsath, an expert on cyber warfare with Hungary's Laboratory of Cryptography and System Security, told Reuters that there was at least a 20 percent chance that Flame was behind the attack against Iran.
Reportedly discovered by Kaspersky Labs, Flame targeted Iran and countries in the Middle Eastby infecting a host of computers across the region. CEO Eugene Kaspersky compared the new malware to its Stuxnet predecessor and said it seemed to be state-sponsored.
Some reports have named United States and Israel as the sources behind Flame.
In response, the U.S. has remained mum. Israel has denied any involvement despite comments by prime minister Moshe Ya'alon that countries concerned about Iran's nuclear program might use such cyberattacks "to harm the Iranian nuclear project."
No comments:
Post a Comment