Flame, also known as sKy WIper, is an advanced and complex tool designed to steal data from infected machines and upload it to a remote server. Because the malware looks for highly sensitive data that is usually on networks without internet connections, Flame has the ability to copy itself and the target data to any USB drive inserted to the machine. Then, by forging a Microsoft digital certificate, Flame automatically installs itself when the USB drive is inserted to an internet-connected Windows PC.
Researchers of the malware have reported that Flame has been in existence for more than two years, and uses some of the same source code as the Stuxnet worm, which made headlines more than a year ago. Both Stuxnet and Flame were built to spread via infected USB drive, taking advantage of many similar software vulnerabilities. Stuxnet is believed to have targeted Iran's uranium-enrichment facility at Natanz via the Supervisory Control and Data Acquisition (SCADA) systems used to control and monitor industrial processes in facilities such as power plants. Similarly, Flame has been used in targeted attacks against organizations in the Middle East, including Iranian oil facilities. Both pieces of malware are suspected to be cyber-warfare tools built by nation states.
Flame was initially discovered by Kaspersky Lab, an antivirus company headquartered in Moscow, Russia. Because Kaspersky Antivirus is one of the engines available in Metascan (http://www.opswat.com/
Using Metascan technology, OPSWAT offers a ready-to-go multi-scanning solution called MetaDefender for Media (MD4M), which protects against threats on USB drives and other external media devices. MD4M enables organizations to scan USB drives, CDs, DVDs and memory cards with multiple antivirus engines before they enter a network or locked-down system (http://www.opswat.com/
OPSWAT’s Director of Sales, Alex Sill, commented, “MD4M offers our customers an easily implemented and secure method to protect against threats such as Flame and Stuxnet. Our solution provides the optimal tools to create processes ensuring that USB drives and other peripheral media have been thoroughly scanned before interacting with customers’ networks.”
For more information about OPSWAT, Metascan, and MetaDefender for Media, please visit http://www.opswat.com or contact sales@opswat.com.
About OPSWAT
Founded in 2002, OPSWAT is the industry leader in software management SDKs, interoperability certification and multiple-engine malware scanning solutions. With both software manageability and multi-scanning products, OPSWAT offers simplified and comprehensive SDKs that reduce time and costs for your engineering and testing teams. OPSWAT delivers: OESIS Framework, an open development framework that enables software engineers to develop products that manage thousands of third-party software applications;
