What’s this Flame Virus all about?

Written by Sean Wallbridge on. Posted in Internet, Security, Victoria

What is the Flame Virus?

First off, if you haven’t heard anything about the Flame Virus, you may want to start here

Here is what is important to you:

  • Flame Virus (also called sKyWIper) was deployed in May, but may have been around since ‘07
  • The virus had a suicide command sent out this month, essentially deleting and ‘recalling’ the virus
  • Designed to get in to Windows systems only
  • Currently being called the most sophisticated Malware yet
The Good
  • Looks like it was designed (everyone is pointing at Israel) to disrupt Iran’s nuclear program
  • The virus has ONLY been reported in the Middle East, and a couple random countries (Iran/Syria/Lebanon/Egypt/Sudan/Saudi/Palestine and reportedly Hungary, Russia and Hong Kong)
  • On June 3rd, the people running the virus sent out a suicide command, wiping the virus
The Bad
  • The suicide command wiped all information and trace of the virus
  • The virus could make a comeback, and as of now there are no real security measures that have been put in place

So What?

Essentially, the virus has the capability to wreak some havoc (it can record audio, take screen shots, record keystrokes/passwords, create files, hell it can even record Skype calls… it’s multi-purpose). Although at this point, the virus is gone due to the suicide commands sent out- most are documenting this as the Israeli government (or whoever is controlling it) trying to cover its own tracks before the virus can be traced. Until further information is released, there really is not much that we as a company can do, or warn people about. Risk is not high here in Canada, but the potential of the virus would definitely worry people.

Microsoft recommends what you would think—keep windows up to date, antivirus up to date, have a firewall, be careful of which files transfers you are accepting, etc.… No other course of action on how to protect has been suggested. Alert is currently low, as the it appears the virus has essentially been recalled.

Now What?

Well, first off, we don’t like to panic folks needlessly. But now, like really anytime, is a good reminder that you should:

  1. Ensure you have a good firewall on your computer
  2. Ensure you have good (and recently updated) antivirus. No, not the free stuff, you GET WHAT YOU PAY FOR…
  3. Don’t click on links just because some email told you to.  If you receive a suspicious email telling you to go somewhere and change a password or login to a website – instead, go to the website directly (type it into your browser) and login properly – then look for whatever ‘action’ you were prompted to do

 

Thanks to Jarrod our whiz bang new Co-Op student for assembling all this helpful material.  Man its nice to have smart people around me I can delegate to. wlEmoticon winkingsmile1 What’s this Flame Virus all about?

Tags: , , ,

Trackback from your site.

Sean Wallbridge

Sean Wallbridge, President and Principal Consultant of itgroove Professional Services Ltd, is a 6 time SharePoint MVP and Evangelist from Victoria, British Columbia, Canada. Sean likes to characterize himself as a “SharePoint Jedi” (there are no experts, just those who continue to explore the enormous ways of the SharePoint force) and there is no better way to describe Sean’s enthusiasm for SharePoint! Sean and itgroove specialize in bringing a rich, professional SharePoint experience to the small and mid-size companies that form the backbone of business in British Columbia and Canada. In addition to being a SharePoint MVP, Sean has a rich background in the Windows world and carries many certifications including CISSP, MCSE, MCT and MCSA. Sean has lived and worked internationally (Bermuda) and still carries on an international consulting practice from his base at itgroove in Victoria

Leave a comment