7/2/2019 Flame: anatomy of a super-virus - Telegraph

Flame: anatomy of a super-virus

The Flame espionage virus, believed to target Iran, among others, has been identified as the
most complex malicious software ever discovered.

Attackers are though to have extracted customer names, encrypted credit or debit card numbers and expiration
dates Photo: ALAMY

10:08AM BST 29 May 2012

Security experts are still dissecting the Flame code, which is many times longer than any other
computer virus, but some facts are clear:

Basics

Up to 20MB file (by comparison Stuxnet, which dmaage Iranian uranium centrifuges, is around
500KB)
Infects Windows XP, Windows Vista and Windows 7 systems
Detected in Iran, Russia, Egypt, the West Bank, Lebanon, Syria, Sudan

Espionage capabilities

Taking screenshots
Covert sound recording
Intercepting keyboard strokes
Monitoring network activity
Detects 100 types anti-virus software and conceals its presence

https://www.telegraph.co.uk/technology/9296926/Flame-anatomy-of-a-super-virus.html 1/2
7/2/2019 Flame: anatomy of a super-virus - Telegraph

Creates a database to store stolen information

Communicates with command and control servers over encrypted channels

Propagation

Via USB sticks

On local networks via printers
As a self-spreading internet “worm” when directed by its controllers

© Copyright of Telegraph Media Group Limited 2019

https://www.telegraph.co.uk/technology/9296926/Flame-anatomy-of-a-super-virus.html 2/2