World Bulletin/News Desk
Researchers have found evidence suggesting that the United States may have developed three previously unknown computer viruses for use in espionage operations or cyber warfare.
The findings are likely to bolster a growing view that the U.S. government is using cyber technology more widely than previously believed to further its interests in the Middle East. The United States has already been linked to the Stuxnet Trojan that attacked Iran's nuclear program in 2010 and the sophisticated Flame cyber surveillance tool that was uncovered in May.
Anti-virus software makers Symantec Corp of the United States and Kaspersky Lab of Russia disclosed on Monday that they have found evidence that Flame's operators may have also worked with three other viruses that have yet to be discovered.
The two security firms, which conducted their analyses separately, declined to comment on who was behind Flame. But current and former Western national security officials have told Reuters that the United States played a role in creating Flame. The Washington Post has reported that Israel was also involved.
Current and former U.S. government sources also told Reuters that the United States was behind Stuxnet. Kaspersky and Symantec linked Stuxnet to Flame in June, saying that part of the Flame program is nearly identical to code found in a 2009 version of Stuxnet.
For now, the two firms know very little about the newly identified viruses, except that one of them is currently deployed in the Middle East. They are not sure what the malicious software was designed to do. "It could be anything," said Costin Raiu, director of Kaspersky Lab's Global Research and Analysis Team.
Kaspersky and Symantec released their findings in reports describing analysis of "command and control" servers used to communicate with and control computers infected with Flame.
Researchers from both firms said the Flame operation was managed using a piece of software named "Newsforyou" that was built by a team of four software developers starting in 2006.
It was designed to look like a common program for managing content on websites, which was likely done in a bid to disguise its real purpose from hosting providers or investigators so that the operation would not be compromised, Kaspersky said in its report.
Newsforyou handled four types of malicious software: Flame and programs code-named SP, SPE and IP, according to both firms. Neither firm has obtained samples of the other three pieces of malware.
Kaspersky Lab said it believes that SP, SPE and IP were espionage or sabotage tools separate from Flame. Symantec said it was not sure if they were simply variations of Flame or completely different pieces of software.
"We know that it is definitely out there. We just can't figure out a way to actually get our hands on it. We are trying," Symantec researcher Vikram Thakur said in an interview.
About a dozen computers in Iran and Lebanon that are infected with one of the newly identified pieces of malware are trying to communicate with command and control servers, according to Kaspersky Lab.
The researchers found a large cache of data on one of the command and control servers, but cannot analyze it because it is encrypted using a password that they said would be virtually impossible to crack.
They believe that it was encrypted so heavily because the people coordinating the attack did not want the workers using the Newsforyou program to be able to read potentially sensitive information.
"This approach to uploading packages and downloading data fits the profile of military and/or intelligence operations," Symantec said in its report.
The discovery is the closest scientists have come so far to finding a true Earth twin
An ambitious project in Turkey's south could see a pioneering clean energy project.
Depending on local weather conditions, the eclipse was visible across a swath of the United States
Google and Facebook have been competing in innovative ways to increase internet access globally and tap into previously untouched markets.
A 14-year-old Dutch girl who sent a terror threat to American Airlines as a Twitter “joke” has been arrested by police in Rotterdam
The legal action is the first to emerge from a humiliating episode for Microsoft, which the software company has never fully explained and has accounted for only as a "technical error."
The widespread bug surfaced late on Monday, when it was disclosed that a pernicious flaw in a widely used Web encryption program known as OpenSSL opened hundreds of thousands of websites to data theft.
For some, increased connectivity has allowed them to see social network and sharing websites like Youtube and Facebook for the first time.
The suspects exploited the fact that some users had the same pin number or password for both credit cards and the loyalty card to create fake cards and charge items earlier this year
The radar is part of a safety system that ensures a failed rocket will not threatened populated areas.
The World's latest solar energy technologies with innovative products produced in Turkey will be showcased at the fair.
Kaspersky Lab uncovered evidence that a few hacking groups believed to be involved in state-sponsored cyber espionage were running such scans shortly after news of the bug first surfaced
Facebook did not specify how many ads will now appear in the right-hand column, though a sample image on the blog showed a single ad in the right-hand column
StoreDot's device charged a dead Samsung S4 smartphone battery in 26 seconds during a demonstration of the product.
Weapons like the electromagnetic rail gun could help U.S. forces retain their edge and give them an asymmetric advantage over rivals, making it too expensive to use missiles to attack U.S. warships because of the cheap way to defeat them.