Flame

Overview

The Flame worm that has targeted computers in the Middle East is being called "the most sophisticated cyberweapon yet unleashed" by Kaspersky Lab researchers who discovered it The virus reportedly captures sensitive information through a variety of means — “sniffing” data sent across the Internet and internal networks, recording keystrokes, capturing screenshots while applications like messaging programs are running, even turning on a computer’s built-in microphone and recording audio of conversations, according to three cyber labs that detected it.

Composition

Flame’s architecture is modular in nature, allowing its functionality to be extended when its operators deem it necessary. It is a remotely reprogrammable data stealer that can seize, transmit and then delete files. It is said that the package of modules which build Flame comprises about  20 megabytes, with about 3,000 lines of code. It is said that flame includes libraries for compression, database manipulation, multiple methods of encryption, and batch scripting

--

Dr.B.M