卡巴斯基发现最复杂电脑病毒“火焰”
精品文档
卡巴斯基发现最复杂电脑病毒“火焰”
卡巴斯基发现最复杂电脑病毒“火焰”俄罗斯电脑安全公
司卡巴斯基实验室近日宣布,他们发现了目前为止世界上最
复杂的一种电脑病毒“火焰”,它能收集数据、远程更改电
脑设置、打开电脑麦克风并收录电脑周边的谈话,还能截屏
并复 俄罗斯电脑安全公司卡巴斯基实验室近日宣布,他们
发现了目前为止世界上最复杂的一种电脑病毒“火焰”,它
能收集数据、远程更改电脑设置、打开电脑麦克风并收录电
脑周边的谈话,还能截屏并复制即时通讯工具聊天内容。
Kaspersky Labs said the program appeared to have been released five years ago and had infected machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
Middle Eastern states were targeted and Iran ordered an emergency review of official computer installations after the discovery of a new virus, known as Flame.
Experts said the massive malicious(恶意的) software
was 20 times more powerful than other known cyber warfare programs including the Stuxnet virus and could only have been created by a state.
It is the third cyber attack weapon targeting systems in the Middle East to be exposed in recent years.
1 / 5
精品文档
Iran has alleged that the West and Israel are orchestrating a secret war of sabotage using cyber warfare and targeted assassinations of its scientists as part of the dispute over its nuclear program.
Stuxnet attacked Iran’s nuclear program in 2010, while a related program, Duqu, named after the Star Wars villain, stole data.
Flame can gather data files, remotely change settings on computers, turn on computer microphones to record conversations, take screen shots and copy instant messaging chats.
The virus was discovered by a Russian security firm Kaspersky lad that specializes in targeting malicious computer code.
It made the 20 gigabyte virus available to other researchers yesterday claiming it did not fully understand its scope and said its code was 100 times the size of the most malicious software.
Kaspersky Labs said the program appeared to have been released five years ago and had infected machines in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
2 / 5
精品文档
“If Flame went on undiscovered for five years, the only logical conclusion is that there are other operations ongoing that we don’t know about,” Roel Schouwenberg, a Kaspersky security senior researcher, said.
Professor Alan Woodward from the department of computing at the University of Surrey said the virus was extremely invasive. It could “vacuum up” information by copying keyboard strokes and the voices of people nearby.
“This wasn’t written by some spotty teenager in his/her bedroom. It is large, complicated and dedicated to stealing data whilst remaining hidden for a long time,” he said.
The virus contains about 20 times as much code as Stuxnet, which attacked an Iranian uranium enrichment facility, causing centrifuges to fail. Iran’s output of uranium was suffered a severe blow as a result of the Stuxnet activities.
Mr Schouwenberg said there was evidence to suggest the code was commissioned by the same nation or nations that were behind Stuxnet and Duqu.
3 / 5
精品文档
Iran’s Computer Emergency Response Team said it was “a close relation” of Stuxnet, which has itself been linked to Duqu, another complicated
information-stealing virus is believed to be the work of state intelligence.
It said organizations had been given software to detect and remove the newly-discovered virus at the beginning of May.
Crysys Lab, which analyses computer viruses at Budapest University. said the technical evidence for a link between Flame and Stuxnet or Duqu was inconclusive(不确定的) .
The newly-discovered virus does not spread itself automatically but only when hidden controllers allow it.
Unprecedented layers of software allow Flame to penetrate remote computer networks undetected.
The file, which infects Microsoft Windows computers, has five encryption algorithms, exotic data storage formats and the ability to steal documents, spy on computer users and more.
Components enable those behind it, who use a network
4 / 5
精品文档
of rapidly-shifting “command and control” servers to direct the virus, to turn microphone into listening devices, siphon off documents and log keystrokes.
Eugene Kaspersky, the founder of Kaspersky Lab, noted that “it took us 6 months to analyse Stuxnet. is 20 times more complicated”.
Once a machine is infected additional modules can be added to the system allowing the machine to undertake specific tracking projects.
上一篇英语: 银河系将融入仙女座下一篇英语: 太阳能
飞机完成第二次试航查看更多关于科技Science的文章网友
同时还浏览了:
什么是雅思机经,如何巧用雅思机
雅思写作评分
标准
excel标准偏差excel标准偏差函数exl标准差函数国标检验抽样标准表免费下载红头文件格式标准下载
任务完成情况
雅思写作评分标准:连贯与衔接
雅思写作评分标准:词汇资源
雅思写作评分标准:语法的多样性
雅思考试合格标准
5 / 5