Russian security firm Kaspersky Labs told the BBC they believed the malware, known as Flame, had been operating since August 2010. The company said it believed the attack was state-sponsored, but could not be sure of its exact origins.
They described Flame as “one of the most complex threats ever discovered”. Research into the attack was carried out in conjunction with the UN’s International Telecommunication Union.
“Once a system is infected, Flame begins a complex set of operations, including sniffing the network traffic, taking screenshots, recording audio conversations, intercepting the keyboard, and so on,” he said.
More than 600 specific targets were hit, Mr Kamluk said, ranging from individuals, businesses, academic institutions and government systems.
Iran’s National Computer Emergency Response Team posted a security alert stating that it believed Flame was responsible for “recent incidents of mass data loss” in the country.
The malware code itself is 20MB in size – making it some 20 times larger than the Stuxnet virus. The researchers said it could take several years to analyse.
