Flame Malware Remains Mysterious, But Some Details Emerge

Sheer size alone has been a big reason for the success (if you can call it that) of the Flame malware. This was a point made by InformationWeek, as well as a blog post on Websense that described the scope of this piece of malware.

“The malware has a total size of about 20 MB, which is huge compared to most malware, which is usually less than 1 MB,” the security blog said. “One of the main reasons for its relatively much larger size is its extensive embedded functionality. It consists of several modules, such as decompression libraries, a SQL database, and a LUA virtual machine. So far, known vulnerabilities used in this malware are: MS10-046 and MS10-061. Those were both used in Stuxnet and Duqu to maintain persistence and move laterally on infected networks.”

Don’t expect to see answers about what the Flame is and how it operates in the near future, according to InformationWeek. Flame’s inner workers will take weeks, months or possibly years to fully unveil. InformationWeek said it works by studying installed security products, smartphones and remote access to look for ways to inflict pain on user’s systems. CNET said the malware appears to be state-sponsored and has been wreaking havoc in the Middle East. The news source said it is about 20 times the size of the Stuxnet network, which targeted the Iranian nuclear program.

All of that may sound scary, but people don’t have to be left open to malware like this. Being prepared with security options and being able to block applications that may look suspicious can go a long way toward keeping users safe from disastrous pieces of malware and other viruses like this. While the Flame malware is still relatively mysterious, there will be defenses built against it to stop it from spreading.

How do you go about trying to protect computers against viruses? Do new viruses like this worry you or is it all apart of the back and forth between cybercriminals and cyberdefense? Let us know in the comments!