Meet Flame, the Trojan Horse That "Redefines Notion of Cyberwar and Cyberespionage"

The Citizen's Guide to the Future
May 29 2012 4:09 PM

Meet Flame, the Trojan Horse That "Redefines Notion of Cyberwar and Cyberespionage"

Last year, the United States and Israel were blamed for building Stuxnet, a computer worm allegedly designed to attack and control Iran’s critical infrastructure. Now a new tool believed to have been built with the backing of as yet unnamed nation states has been discovered in computers across the Middle East—only this time it is being used for surveillance, not sabotage.

Ryan Gallagher Ryan Gallagher

Ryan Gallagher is a journalist who reports on surveillance, security, and civil liberties.

Security researchers from the Kaspersky Lab yesterday revealed they had found and analyzed a Trojan-horse tool called “Flame,” which they dramatically described as “one of the most complex threats ever discovered” that “pretty much redefines the notion of cyberwar and cyberespionage.” 

Advertisement

Unlike Trojans deployed by criminals to steal money from bank accounts, Flame infects a system and scours it for intelligence contained in emails, documents, and messages. Once installed on a targeted computer, it can secretly take screenshots and even record audio from a microphone, sending this information back to its “master” under cover of an encrypted channel.

After conducting in-depth research into Flame, the Kaspersky researchers estimate it has affected “thousands of victims worldwide” and targeted specific individuals, including people working in academia or for private companies. It was found in Iran, Israel, Palestine, Sudan, Syria, Lebanon, Saudi Arabia, and Egypt.

The geography of the targeted countries, paired with the complexity of Flame’s design, led the researchers say that—though they did not name any suspects—there is “no doubt” a nation state sponsored the research that went into it. As Evgeny Morozov wrote on Future Tense yesterday, developing cyberweapons “requires a lot of resources, time, and operational secrecy.”

Law enforcement agencies are known to have used Trojan tools to carry out Flame-like surveillance functions—as was revealed in Germany by savvy computer hackers in 2011. Even the FBI, which along with other Western nations has held behind-closed-doors meetings about computer infiltration, has developed its own Trojan horse. But what appears most significant about Flame is that it has been deployed on a large scale—not just to target a cluster of terror suspects, but for widespread and indiscriminate intrusion of computer systems across an entire region.

According to Kaspersky’s analysis, Flame can infect computers through local area networks or be unwittingly picked up from websites or through email phishing, infecting “several dozen” computers at a time and siphoning their data simultaneously.

Once the stolen data have been analysed by the unknown controller of Flame, computers containing “interesting” data stay infected and are spied on. Flame is removed from those deemed not worth the time. The controllers can simply send an update to an infected computer that secretly deletes all traces of it. So, effectively, this means that large numbers of unsuspecting, entirely innocent individuals have had their computers infected, their documents copied, then the Trojan removed—and they will never know or find out they have been targeted in the first place.

Future Tense is a partnership of SlateNew America, and Arizona State University.

TODAY IN SLATE

Foreigners

More Than Scottish Pride

Scotland’s referendum isn’t about nationalism. It’s about a system that failed, and a new generation looking to take a chance on itself. 

What Charles Barkley Gets Wrong About Corporal Punishment and Black Culture

Why Greenland’s “Dark Snow” Should Worry You

Three Talented Actresses in Three Terrible New Shows

Why Do Some People See the Virgin Mary in Grilled Cheese?

The science that explains the human need to find meaning in coincidences.

Jurisprudence

Happy Constitution Day!

Too bad it’s almost certainly unconstitutional.

Is It Worth Paying Full Price for the iPhone 6 to Keep Your Unlimited Data Plan? We Crunch the Numbers.

What to Do if You Literally Get a Bug in Your Ear

  News & Politics
Weigel
Sept. 16 2014 7:03 PM Kansas Secretary of State Loses Battle to Protect Senator From Tough Race
  Business
Moneybox
Sept. 16 2014 4:16 PM The iPhone 6 Marks a Fresh Chance for Wireless Carriers to Kill Your Unlimited Data
  Life
The Eye
Sept. 16 2014 12:20 PM These Outdoor Cat Shelters Have More Style Than the Average Home
  Double X
The XX Factor
Sept. 15 2014 3:31 PM My Year As an Abortion Doula
  Slate Plus
Slate Plus Video
Sept. 16 2014 2:06 PM A Farewell From Emily Bazelon The former senior editor talks about her very first Slate pitch and says goodbye to the magazine.
  Arts
Brow Beat
Sept. 16 2014 8:43 PM This 17-Minute Tribute to David Fincher Is the Perfect Preparation for Gone Girl
  Technology
Future Tense
Sept. 16 2014 6:40 PM This iPhone 6 Feature Will Change Weather Forecasting
  Health & Science
Medical Examiner
Sept. 16 2014 11:46 PM The Scariest Campfire Story More horrifying than bears, snakes, or hook-handed killers.
  Sports
Sports Nut
Sept. 15 2014 9:05 PM Giving Up on Goodell How the NFL lost the trust of its most loyal reporters.