As information filters out on Flame and the origins of Stuxnet, we are getting a glimpse into the weapons locker that holds the newest tools for the future of intelligence cyber warfare. And so far, it’s scary and impressive.
I know a man who only a few years back made the claim that cyber warfare wasn’t possible. (Which is odd for a security professional.) The concept of attacking an enemy with computers and malware wouldn’t qualify as warfare. It would only be an inconvenience. I wonder how many other people share that view?
As I read more on the Flame malware, I see that it’s a sophisticated attack toolkit. It’s a Trojan with worm-like characteristics, allowing it to replicate in a local network and on removable media if it is commanded to do so by its master.
Once a system is infected, Flame begins data gathering that includes sniffing network traffic, recording audio from internal mics, intercepting keystrokes, and capturing screenshots. All this data is available through the link to the bot’s command-and-control servers.
Flame is a package of modules, making it difficult to analyze. Flame is larger than most past malware because it includes many different libraries for compression and database manipulation.
From the analysis reported, Flame is simply looking for any kind of data, from electronic publications (docs, e-mails, chat messages, etc.) to gathered audio.
Based on information from Kaspersky Lab, researchers there are seeing multiple versions of the malware with different sizes and content.
More malware will be coming, with even scarier payloads. If these are the known… what is out in the unknown?
