Earlier this week, Kaspersky Lab announced that a staggering amount of private data had been collected via a malware known as Flame, which had been active since 2010. Although it doesn’t appear that the data collected was made public, or used for the purpose of identity theft, Flame is thought to have been the product of state-sponsored cybercrime.
According to the UN’s International Telecommunications Union, of the three player’s involved in the creation of malware, only a nation-state would be capable of and would benefit from Flame’s complex method of collecting data. What’s more, Flame does not appear to be either physically destructive to either the infected networks or the data collected, which has lead researchers to conclude that it’s only purpose was to collect and not be discovered. Big Brother was watching, and most of eyes were on other brothers.
The Flame malware is some 20MB in size, making it one of the largest of it’s kind, and was used to map networks, take screenshots, and even record audio conversations. Some 600 or so targets have been identified and include both individuals and organizations (including private businesses and government institutions). However, the targets appear to be largely region-specific. Flame focused on the collection of sensitive information from middle eastern countries like Iran, Israel, and Syria. Individuals and businesses existing outside of these regions were likely not at risk. In addition, Flame was designed to attack only Microsoft systems, which means that those running Apple’s OS (a slim 10% of users) can write off the malware as a Windows-specific threat.
As for the far-reaching effects of Flame, researchers are still gathering information to determine the authors and users of the malware. Until such research concludes, understanding the exact purpose of the data collection is largely a guessing game. One thing’s for sure though, cybercrime isn’t just for hackers anymore.