Much ado was made when security experts found Stuxnet wreaking havoc, but it's looking as though the malware was just a prelude to a much more elaborate attack that's plaguing the Middle East. Flame, a backdoor Windows trojan, doesn't just sniff and steal nearby network traffic info -- it uses your computer's hardware against you. The rogue code nabs phone data over Bluetooth, spreads over USB drives and records conversations from the PC's microphone. If that isn't enough to set even the slightly paranoid on edge, it's also so complex that it has to infect a PC in stages; Flame may have been attacking computers since 2010 without being spotted, and researchers at Kaspersky think it may be a decade before they know just how much damage the code can wreak.
No culprit has been pinpointed yet, but a link to the same printer spool vulnerability used by Stuxnet has led researchers to suspect that it may be another instance of a targeted cyberwar attack given that Iran, Syria and a handful of other countries in the region are almost exclusively marked as targets.
Even if you live in a 'safe' region, I still advise you keep an eye out for anything suspicious.
Update:
Here is some additional info I got from Remove-Malware.com. The writer has a YouTube channel, @mrizos I believe. He has millions of page views at this blog.
Flame is very sophisticated modular malware (or espionageware). All of it’s modules amount to a whopping 21 MB. Flame was written in C++ and Lua (Lua is language you don’t see like…ever). Flame can also morph it’s behavior to slip past traditional Antivirus (it’s able to detect over 100 antivirus applications), this apparently works very well.
Flame Objectives:
Flame is designed to quietly steal information by:
- Logging keystrokes
- Capturing all network traffic on the infected PC
- Uploading documents already on the PC
- Enabling built-in microphones and recording the audio (Everyone Hopes that this doesn't happen)
Methods of Infection:
- USB Sticks / Drives
- Via LAN (spooler exploit)
- Possibly via hijacked pages