Flame was discovered after a cyber attack on Iran’s refineries. According to some accounts, the attack was carried out by Israeli specialists without consulting their counterparts from the United States, which caused the latter great discontent. They can be understood — about the virus became known, it was investigated by experts of antivirus companies. However, the virus still remains very dangerous, effective ways to combat it has not yet been found. According to experts of Kaspersky Lab, it can take up to ten years to complete decryption of the virus. This long term is explained by the size of the Trojan program — it “weighs” about twenty megabytes, which for the virus is simply a huge size.
By its structure, the malware presents a set of tools for launching attacks on remote computers. First, the basic block of the Trojan program is implemented on the enemy’s computer, after which up to twenty additional modules carrying out specific spying functions can be loaded. The program can intercept network traffic, track keystrokes, record sound from a microphone. One of the modules of the virus is able to connect to mobile phones nearby from the infected computer and download all the information from them.
Prior to its detection, the virus managed to hit more than six hundred computers, most attacks were carried out on sites in the Middle East. Specifically, Flame has been used against Iran, the Palestinian Authority, Syria, Lebanon, Sudan, Saudi Arabia, Egypt.