Viruses have plagued the Internet for decades, with threats ranging from harmless pranks that flip your screen or shut down your PC, to complex worms that corrupt your files and render your operating system useless. As computers get more powerful, so do the viruses. And resourceful hackers will always find new ways to try to get to your data and make money from it.

The virus-of-the-year award for 2012 (so far) goes by the name of Flame. A complex attack tool that targets specific information, Flame steals data and sends it back to the hacker. Flame specifically has a taste for government-related data. Yum.

Although it’s currently grabbing headlines, Flame isn’t all that revolutionary. It’s another in a long line of “automated trojans”, which have been pouncing on unsuspecting web users for years.

Why is Flame so hot right now? Because it’s automated. Hackers simply send the trojan to a handful of email addresses and it does the rest itself, automatically sending victims’ mail, IM contacts, recently visited web sites and even USB drives back to the hackers. Particularly scary is that Flame can take screenshots, log keystrokes and stream audio.

But don’t panic. Like all malware, if it can be detected it can be cleaned. And Flame has been detected, so now there’s a fix for it. As long as basic IT security is enabled— i.e., your antivirus is up to date—this virus won’t get the opportunity to do its evil deed. In short, Flame has been doused.

James Lapwood
Head of Communications at Firebrand Training

We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left.