- GOP offer to fix VA gives $10 billion in emergency funds
- Paul Ryan offers to repair U.S. economic safety net with a single grant stream
- Kim Jong-un builds bond with Putin: $250M Russia-backed addition to key port opens
- Pope Francis meets Meriam Ibrahim, a Sudanese woman sentenced to death
- Detroit porch shooting trial: Suspect says he didn’t know gun was loaded
- U.S. Navy admiral ‘receptive’ to giving Chinese counterpart a tour of carrier
- Islamic State orders female genital mutilation for Mosul girls, U.N. says
- U.N. school in Gaza caught in cross-fire; 15 killed
- Obama encourages ICE to stand down, say former border agents
- Pro-Palestinian protesters attack Israeli soccer team in Austria match
Spyware virus takes data from Iran, more
Israeli involvement hinted in cyberattack
Question of the Day
JERUSALEM — A Russian-based Internet security firm says a powerful computer virus with unprecedented data-snatching capabilities has attacked computers in Iran and elsewhere in the Middle East.
Iran has not disclosed any damage done by the new spyware virus, dubbed “Flame.” Its origin has not been identified, but Israel’s vice premier fueled speculation that his country, known for its technological innovation and tireless campaign against Iran’s suspect nuclear program, unleashed it.
Russian digital security provider Kaspersky Lab, which identified the virus, said in a release posted on its website late Monday that “the complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date.”
It said preliminary findings suggest the virus has been active since March 2010 but eluded detection because of its “extreme complexity” and the fact that only selected computers are being targeted.
Flame’s primary purpose, it said, “appears to be cyberespionage, by stealing information from infected machines” and sending it to servers across the world.
According to Kaspersky, the virus collected information not only in Iran, but also in Israel and the Palestinian territories, Sudan, Syria, Lebanon, Saudi Arabia and Egypt. Iran, however, was far and away the country most affected, it said.
A unit of the Iranian communications and information technology ministry said only that it has produced an anti-virus capable of identifying and removing the new malware.
The Flame virus is the fourth known cyberattack on Iranian computer systems.
Comments Tuesday by Israel’s vice premier did little to deflect suspicion about possible Israeli involvement in the latest attack.
“Whoever sees the Iranian threat as a significant threat is likely to take various steps, including these, to hobble it,” Vice Prime Minister Moshe Yaalon told Army Radio. “Israel is blessed with high technology, and we boast tools that open all sorts of opportunities for us.”
Israel, like the West, rejects Tehran’s claims that its nuclear program is designed to produce energy, not bombs. It considers Iran to be the greatest threat to its survival and repeatedly, if obliquely, threatened to attack Iran’s nuclear facilities if Tehran doesn’t abandon its uranium-enrichment project, a key element of bomb-making.
Because Flame is so complex, was not designed to hack into bank accounts and doesn’t have the hallmarks of amateur hackers, Kaspersky has concluded that the research that went into the code was government-sponsored.
The code offers no information that can tie Flame to any specific country, Kaspersky said in its release, but a company agent in Israel said, “[Y]ou could more or less put your finger on any Western nation.”
There is no indication of what kind of material it stole, but “we know that the computers that were infected were computers with very sensitive information” because the virus can be modified to mine whatever information is sought, added Ilan Froimovici, technical director at Power Communications, Kaspersky’s representative in Israel.
Evidence suggests the same programmers were behind both Flame and Stuxnet, a virus that disrupted controls of some nuclear centrifuges in Iran in 2010, Mr. Froimovici said. The centrifuges are devices used in enriching uranium.
The two codes “use the same vulnerabilities in the operating system and the computer infrastructure in order to infect the computer system. We do believe that the same programmers built the two codes,” he said.
TWT Video Picks
The subsidies are a hit with patients who don't exist
- Hamas rejects Kerry's call for cease-fire; Fears grow others could join fight against Israel
- Algerian plane diverted due to storms, second aircraft: 116 missing
- Whistleblowers flood VA with lawsuits despite apology
- Obama's empty tough-talk: Gun prosecutions plummet on his watch
- 'We're coming for you, Barack Obama': Top U.S. official discloses threat from ISIL terrorists
- Obama says public not familiar enough with issues
- Conservative groups decry Democrats' 'war on women' tactic
- NAPOLITANO: What if our democracy is a fraud?
- Astronaut shares 'saddest photo' from space: Bombs bursting over Israel, Gaza
- EDITORIAL: Obamacare enrollees faking for freebies
Obama's biggest White House 'fails'
Celebrities turned politicians
Athletes turned actors
20 gadgets that changed the world
Fighting in Iraq