Flame malware, the complex malware toolkit infecting targeted systems in Iran, Lebanon, Syria, Sudan and other Middle Eastern and North African states, is being prevented for OpenDNS customers. Although the malware may be transmitted by USB drives and replicated across networks, OpenDNS blocks communication between Flame and its Command and Control (C&C), ensuring that private or sensitive data will not be transmitted off the networks of infected parties.
Flame malware came into the spotlight two weeks ago when the threat was discovered by Kaspersky Labs and it is already bearing significant comparisons to notorious cyber weapons Stuxnet and Duqu. However, Flame seems to be substantially more evolved and complex than these other state-sponsored cyber threats.
This piece of malware is capable of sniffing network traffic, taking screenshots, recording conversations, intercepting the keyboard and communicating all data back to C&C. Our team is working closely with Kaspersky Labs to gather and analyze intelligence which we’ll be sharing with you here on the blog in the next few weeks. You can find more details on Flame here.