Viruses in the service of intelligence

The Web is full of reports that the computer virus "Flame", which claimed numerous victims on the Network, was created with the participation of U.S. and Israeli intelligence services, who tried in this way to infiltrate the controls of Iran's nuclear facilities. What this virus actually is, and why the information about the involvement of the United States and Israel has surfaced at this moment, was explained in an interview with "Rosbalt" by the head of the analytical department of the international organizations HostExploit & CyberDefco, the well-known "hacker hunter" Jart Armin.

— What is so special about the "Flame" virus? Why is there such a big deal about it?

— "Flame" is one of the more fascinating malicious programs found on the web recently. For all that, though it is called a potentially dangerous virus today, "Flame" is an example of a combined attack using several penetration methodologies. At the same time, any such attack is different from all the others, although they may have common components.

If we talk about the qualities of the new "Flame", the following can be singled out. First, "Flame" has the ability to record audio through a microphone. The fact of the recording, of course, is not new, but it is the first virus that, apart from everything else, also records audio. Second, it can take screenshots and can communicate via Bluetooth with the application known under the name Beetlejuice. Third, the collected data is sent to the control center via a hidden SSL channel. In addition, there is evidence that the "Flame" saga continues with a "pocket botnet", in which hacked phones are used as zombie bots for anonymously sending data to other personal computing devices. Fourth, "Flame" is written in a very rare language, Lua, which makes it more complex and advanced than other Trojan viruses. In addition, a large set of tools was used in writing it, and most of the code is hidden. Fifth, the virus can copy itself on the local network using a vulnerability in the Print Spooler service, MS10-061. And finally, the program uses a hash function collision, which allows it to make a valid Windows registration certificate, including for the more recent versions of the program, allowing for coming attacks without having to break each instance of the program every time.

— What is the extent of the damage caused by "Flame"? Were those who launched it able to gather the information they needed?

— In the early summer of 2012 we were aware of attacks with "Flame" against the following countries: Iran (189 attacks), Israel (88 attacks), Sudan (32 attacks), Syria (30 attacks), Lebanon (18 attacks), Saudi Arabia (10 attacks), Palestine (10 attacks), Egypt (5 attacks). In fact, "Flame" is a program that gathers intelligence. But the analysis of "Flame" cannot single out a specific branch: attacks were caused both by individuals and by municipal companies and universities.

— There are publications claiming that the virus programs "Flame" and Stuxnet, used against Iran, were made, if not by one team, then at least as a result of cooperation. How should this statement be regarded?

— Indeed, the analysis done leads specifically to such conclusions. Moreover, "Flame" was created a few months earlier than Stuxnet. Some Stuxnet code that was previously unknown, Resource 207, makes it possible to connect the two programs: at least in the first stages of Stuxnet, these programs were written together. But since 2009 the programs have been split apart. But I wish to emphasize that we can talk about cooperation between 2 teams: a separate group of people worked on each of the programs. In addition, "Flame" is 20 times bigger in size than Stuxnet.

— How do you regard the allegations that Stuxnet was created by the U.S. and Israel in order to carry out a cyber attack on Iran, and that this was supposedly done by direct order of Barack Obama? Do modern countries use such means in their own policy, and how effective are they?

— In a sense, you can call "Flame" another non-individual application that has been strengthened with new tools, which I mentioned earlier: screenshots, audio recording, keyboard control, etc. In general, this kind of harmful computer software has been used in the past, for example the German virus BKA, which for years was used by the German federal police. In this series of "government" viruses there is another one under the name FinFisher. We learned about it from the documents found in the headquarters of the State Security Investigation Department of Egypt during the protests in March last year. They contain information about the harmful program, which was offered to the Mubarak government for purchase. It was a product under the name FinFisher, a program that allows you to collect data. The program was created by the Anglo-German company Gamma International UK Ltd. The company, by the way, has a web site that thoroughly explains what specific services it offers. The FinFisher program also has its own website, where it says that it can gain access to the systems of interest and intercept encrypted data and messages, and that, with the infecting program, government agencies will be able to remotely infect the systems they need. Plain and simple. Both in the case of FinFisher and in the case of "Flame" and Stuxnet, these programs were written by companies that work for the government. And all the hype is a flawless marketing campaign for the product that these offices made.

When Stuxnet was discovered, the United States denied any role in the development and use of the programs. Now, with the passage of time, the American government has reasons to indirectly recognize its role: after all, Iran's nuclear program was successfully stopped, and that is a big trump card for which it is worth making a turn of 180 degrees. But you have to realize that the press articles refer only to anonymous sources. Apart from the United States, Israel is now also claiming authorship of these programs. There are now many willing to admit authorship, since for the public it is proof that the municipal intelligence services do not eat their bread in vain and are doing their duty, now with Stuxnet, "Flame", and perhaps other programs that we still do not know about.
