If I could walk into your home and over to your desk, I could take photos of all your private files, peek at your browser history, install spyware devices and software on your computer and install cameras and listening devices. Yet, I really can’t just walk into your house: your dog would bark, you’d hear me wiggling the door knob or breaking a window. And even if I managed to sneak inside, you’d probably notice me, hard at work, doing all this bad, bad stuff at your computer and throw me out, while calling the police. Yet there is a type of malware out there that can do all these terrible things and has been getting away with it for about two years now. And until now, few even noticed or reported it.
It’s called Flamer, or to techy types W32.Flamer. It’s a PC only problem and is apparently the clever creation of a team of sophisticated computer engineers, likely in the employ of a government. Some even think it’s the worst of its kind, far outstripping the devilish cleverness of Stuxnet, the malware that disabled the Iranian nuclear industry. See the video that follows from CBS News' 60 Minutes program coverage of Stuxnet.
So what can Flamer do? It can steal files, take screenshots of your computer desktop, turn off your internet security software and spread itself, by USB drive or other methods. What makes Flamer particularly dangerous is that it’s part of a new trend for malware to target specific victims or victim groups. Targeted malware was a big trend in our most recent issue of the Internet Security Threat Report, our industry’s go to yearbook for internet security and study of malware. An email with an embedded virus in a fake resume that goes just to the HR teams of major corporations has a good chance of being opened. Or the aim may be to infect a network of a smaller organization, with less employee security training and gain access to the payroll or online banking accounts. Targeted attacks require more cybercriminal effort but potentially offer greater payoffs than non-targeted attacks.
In the case of Flamer, who are the targets? So far (and more study will be needed) it appears most of the targets are residents of the Palestinian West Bank, Hungary, Iran, and Lebanon. Other targets include Russia, Austria, Hong Kong, and the United Arab Emirates. Some of the individuals impacted by this virus may have been attacked due to their personal activities, rather than country of residence or company of employment.
The main thing to take away is that users of Norton security software are protected. Your software will detect the malware as W32.Flamer and prevent infection. If you are not a resident or visitor to the countries or territories mentioned, you likely are safe as well. Be sure to maintain vigilance about internet security and configuring your software to automatically install the latest updates for you. If you find a USB stick, don’t use it unless you are certain it’s been checked for malware. Never click an unknown link in email, text message, social networks or online. Use search rating services like Norton’s Safe Web to help you and your family stay away from malicious websites.