« Reply #1 on: June 04, 2012, 05:55:24 PM »
This is really cool - and at the same time, supremely frightening. Everyday that passes seems like it is more and more impossible to have any expectation of privacy and in turn, freedom.
LINKThe experts from Turtle Bay quickly realized they were out of their depth with Wiper/Viper and contracted a Russian computer security firm, Kaspersky Lab, to help. As the techs at Kaspersky investigated, they began to find bits and pieces of a much bigger program. What they eventually uncovered forced them to put aside Wiper/Viper and send out an all-hands call to the tech community: a cyber-weapon that made Stuxnet look primitive. They called it Flame.
Stuxnet was like a guided missile with a targeted payload. It was created to spread rapidly, but always to be seeking a particular set of computers?—?machines made by Siemens and used to control centrifuge operations at a uranium enrichment plant. Once Stuxnet reached its destination, it had very precise instructions: It altered the speed of the centrifuges in such a manner as to slowly degrade the equipment and destroy the uranium they contained?—?all while sending false readings back to the operating console so that neither the computer nor the human supervisors would notice the damage being done.
If Stuxnet was like a missile, then Flame is more like a surveillance satellite.
Once a computer is infected by Flame, the program begins a process of taking over the entire machine. Flame records every keystroke by the user, creating a perfect log of all activity. It takes pictures of the screen every 60 seconds?—?and every 15 seconds when instant message or email programs are in use. It records all administrative action on the computer?—?taking note of network passwords, for instance. And it rummages through the computer’s hard drive copying documents and files.
But that’s not all. Flame also takes control of the machine’s Bluetooth capability and turns it into a hub for a small wireless network, bonding with other Bluetooth-enabled devices in the vicinity, such as cell phones. It then uses the Bluetooth connection to case whatever information is on the remote device?—?say, an address book, calendar, or email list. Most spectacularly, Flame is able to turn on the computer’s built-in microphone and record the user, or anyone else who happens to be chatting in the vicinity.
Flame then compiles all of this information?—?the passwords, the documents, the keystroke logs, the screenshots, and the audio recordings?—?encrypts it, and secretly uploads it to a command-and-control server (C&C), where someone is waiting to analyze it.
But once Flame was running, it was like something out of science fiction. Flame could watch a target even when he was completely alone. It could listen to every word he said on the telephone, or through Skype, or to a colleague walking past his desk. It could rifle through his computer files and find any document. Or peek into a cell phone sitting in someone’s pocket in the next room. It never had to worry about getting caught in the act. And on a moment’s notice, it could erase any sign that it was ever there. It kept up constant communication with its handlers, even when they were thousands of miles away, and it always followed orders.
Whoever engineered Flame didn’t just build the most spectacular computer worm ever made. They created the perfect spy.
« Last Edit: June 04, 2012, 05:59:53 PM by BMG »
Logged
“The Constitution is not an instrument for the government to restrain the people, it is an instrument for the people to restrain the government.”
- Patrick Henry
"The more corrupt the state, the more it legislates."
- Tacitus