This account is pending registration confirmation. Please click on the link within the confirmation email previously sent you to complete registration. Need a new registration confirmation email? Click here
NEW YORK (
TheStreet) -- The discovery of sophisticated new malware, dubbed "Flame" has made
headlines around the world in the last few days, again raising the frightening prospect of
cyber warfare. At least one security expert, however, says that at this stage the Flame threat is overblown.
"I feel like there's a lot of hype about it at the moment," Graham Cluley, senior technology consultant at antivirus specialist
TheStreet. "The numbers don't add up -- there's only a small number of computers that seem to be impacted."
The newly-discovered Flame malware has grabbed global attention.
Cluley adds that Flame has not even singed Sophos's 100 million customers.
"We have been looking at our systems, where customers' computers report back to us what activity they have seen -- none of them have seen this malicious software," he said. "
might suggest some naughtiness going on, but I don't think there's any new message for the typical computer user about how to protect themselves."
Nonetheless, Flame quickly gained global attention after its discovery by researchers from
Kaspersky Lab, working in conjunction with the U.N.'s International Telecommunication Union. In a statement released on Tuesday, Kaspersky Lab described Flame as "a highly sophisticated malicious program" that is being used as a "cyber weapon" against several countries.
BBC reports that organizations within Iran, Israel, Sudan, Syria, Saudi Arabia, Lebanon and Egypt have been targeted by the attack. In a statement released on Monday, Iran's cyber emergency response team warned that Flame could be responsible for recent incidents of "mass data loss" within the country.
Iran's National CERT also drew parallels to Stuxnet, a
Microsoft(MSFT) Windows worm that targeted the country's nuclear program in 2010 and the Duqu worm, which was discovered last year. The agency added that a "removal tool" to deal with Flame is now ready.
Intel's(INTC - Get Report) McAfee security division described Flame as significantly more complex than Stuxnet and Duqu. "Evidently, the threat has been developed over many years, possibly by a large group or dedicated team," the company explained in a
blog posting on Monday.
"This code was not written by a single individual but an organized well-funded group of personnel with directives," added security software specialist
Symantec(SYMC - Get Report) in a statement. "Analysis shows this to be an extremely stealth-like attack that appears to be benign, however deeper inspection reveals cleverly concealed malicious functionality."
Flame has the ability to steal documents, take screenshots of users' desktops, spread via USB flash drives, disable security vendor products and potentially proliferate via networks to other systems, according to Symantec.
Roger Kay, president of tech research firm
Endpoint Technologies, warns that even though reported outbreaks of Flame are confined to the Middle East, the emergence of a sophisticated new threat is still cause for concern.
"If Flame is not all it's cracked up to be, that's still small comfort for the rest of us," he explained in an email. "Existing techniques easily morph into the platform for the next more sophisticated hack -- a general utility spy suite seems like table stakes in tomorrow's hackerware."
--Written by James Rogers in New York.
>To follow the writer on Twitter, go to
>To submit a news tip, send an email to:
Check out our new tech blog,
Tech Trends. Follow TheStreet Tech
on your wireless devices.
To begin commenting right away, you can log in below using your Disqus, Facebook, Twitter, OpenID or Yahoo login credentials. Alternatively, you can post a comment as a "guest" just by entering an email address. Your use of the commenting tool is subject to multiple terms of service/use and privacy policies - see here for more details.