Kaspersky Labs has discovered a particularly nasty new\u00a0malware strain, dubbed Flame, which is to ordinary malware as the Ebola virus is to a cold.\n\t\u201cThe complexity and functionality of the newly discovered malicious program exceed those of all other cyber menaces known to date,\u201d according to Kaspersky.\n\tThe researchers, who I've\u00a0never known to be alarmist, say it is in the same category of super-cyberweapons as Duqu and Stuxnet.\u00a0Few specific details are known about it right now\u00a0(some say it will take years to untangle) but we do know it's written in the same language used by Angry Birds. Seriously.\n\tHere\u2019s what else is known (or surmised):\n\t\n\t\tIt\u2019s designed to carry out cyber espionage.\n\t\n\t\tIt can steal valuable information, including but not limited to computer display contents, information about targeted systems, stored files, contact data and audio conversations.\n\t\n\t\tIt can replicate over local networks using several methods, including the same printer vulnerability and USB infection method used by Stuxnet.\n\t\n\t\t\u201cOne of the most alarming facts is that the Flame cyber-attack campaign is currently in its active phase, and its operator is consistently surveilling infected systems, collecting information and targeting new systems to accomplish its unknown goals.\u201d -- Alexander Gostev, chief security expert at Kaspersky Lab\n\t\n\t\tIt was designed by a government.\n\t\n\t\tIt\u2019s only known to be active in the Middle East. So far it is\u00a0targeting systems in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt. So, it\u2019s from a government with interests in the Middle East. That limits the suspect list to \u2026 everyone. That said, F-Secure believes it to be from a Western government because of \u201ca clear difference in how online espionage is done from China and how it's done from the West. Chinese actors prefer attacks targeted via spoofed e-mails with booby-trapped documents attached. Western actors seem to avoid e-mail and instead use USB sticks or targeted break-ins to gain access.\u201d\n\t\n\t\tIt\u2019s really big: Over 20MB. The reason it \u201cis so big is because it includes many different libraries, such as for compression (zlib, libbz2, ppmd) and database manipulation (sqlite3), together with a Lua virtual machine.\u201d\n\t\n\t\tLua is the same language used to write Angry Birds, and malware written in Lua is very unusual.\n\t\n\t\tIt\u2019s been out there for a while. According to Kaspersky it has definitely been active since 2010. Hungarian security researchers at the Laboratory of Cryptography and System Security (CrySyS) say it might have been out since 2004. Kaspersky won\u2019t go that far but does say it is highly likely that Flame has been active\u00a0for more than just a couple of years.\n\t\n\t\tIt is a beast of many names. CrySyS ID\u2019d it as \u201cSkyWiper\u201d and the Iran Maher CERT group calls it \u201cFlamer."\n\t\n\t\tSo far no antivirus programs can detect it. However, Iran\u2019s CERT says they created a detector which was delivered to selected organizations and companies in May and that they have also developed a removal tool.\n\t\n\t\tAs far as we know it hasn\u2019t yet infected very many computers. As Naked Security notes, it\u2019s only been found on a few hundred computers.\n\n\tCheck out the following sites for additional information:\n\t\n\t\tKaspersky\u2019s FAQ\n\t\n\t\tBudapest University of Technology and Economics's Laboratory of Cryptography and System Security (CrySyS)\n\t\n\t\tIran National CERT (MAHER).