Hello There. I'm V, The Geek-Girl/Computer-Whisperer from Punto G Electronics in Coronado and I'd like to ask you a personal question: How's your computer? You know. The one you're probably reading this on. No. Really. How's your computer?
If your computer technician repairs computers as a hobby and has no formal training or technological background, he or she may not know the right questions to ask you. So, how can you be sure your computer is clean of malware? After seeing so many computers come into the store incorrectly configured and/or full of viruses, I have become very concerned about what type of virus-prevention strategies our customers have received from other technicians.
Because of my concern, yesterday I did some homework on a new computer virus called “Flame.” I had heard what equates to “water-cooler” rumors about it, but had never actually taken the time to research the symptoms of an infection, and the unthinkable damage it can cause. I really do hate to be an alarmist, but ooooh Boy, this thing is scary! Based on what I learned, I felt I owed it to the Coronado Beach community to share what I know about this threat. In case you're not familiar with Flame, here are a couple of quotes from its Wikipedia page:
“Like the previously known cyber weapons Stuxnet and Duqu, it is employed in a targeted manner and can evade current security software through rootkit functionality. Once a system is infected, Flame can spread to other systems over a local network or via USB stick. It can record audio, screenshots, keyboard activity and network traffic. The program also records Skype conversations and can turn infected computers into Bluetooth beacons which attempt to download contact information from nearby Bluetooth enabled devices. This data, along with locally stored documents, is sent on to one of several command and control servers that are scattered around the world. The program then awaits further instructions from these servers.
Unlike Stuxnet, which was designed to damage an industrial process, Flame appears to have been written purely for espionage purposes. It does not appear to target a particular industry, but rather is "a complete attack toolkit designed for general cyber-espionage purposes".
Flame contains no built-in end-of-life date when it will deactivate, but allows operators to send a "kill" module that eliminates all traces of its files from a system.”
“The malware determines what antivirus software is installed, then customizes its own behavior (for example, by changing the filename extensions it uses) to reduce the probability of detection by that software. Additional indicators of compromise include mutex and registry activity, such as installation of a fake audio driver which the malware uses to maintain persistence on the compromised system.”
What makes this malware suite so nasty is that while a vast amount of malware (viruses/trojans/spyware) currently “In-The-Wild” is dangerous, compared to Flame these programs are polite, because they generally ask your permission to pick your e-wallet or use your computer as a spambot. (They do this by tricking you into clicking on something, and you thereby unknowingly install malicious code.) With rare exception though, they cannot spread wirelessly: Flame can.
So far Flame has been pretty much localized to Iran. Still, it doesn't take a strong leap of imagination to know it won't stay localized for long because from a purely technical perspective, its propagation method is absolutely brilliant. Even though Flame is no longer officially “In-The-Wild,” it should be of concern for anyone who uses a cell phone, tablet, notebook, netbook, etc., because it can spread via Bluetooth, and/or a USB thumb-drive. And who doesn't have at least ONE of those?
By now, you must be asking yourself: “How can I protect my digital existence from such a nasty virus?” Unfortunately, there are no clear-cut answers. After all, even the United States Government gets viruses. The most effective way to improve your odds of not getting infected with the inevitable Flame variants (or any other malware) is to be a smart user. Your computer-usage habits are your front line of defense, because even the best anti-virus software in the world isn't going to do a bit of good if it isn't configured correctly, or if you override the warnings it gives you about dangerous sites/software. In addition, it is mandatory to have a good backup system as the foundation of your computing strategy. If you must visit those dangerous sites and download pirated software or movies, for the love of GOD get a separate computer for those activities, and until you know it is safe, do not share files between that computer and your computer/laptop/tablet which has all of your valuable and personal data.
So again I ask: How's your computer? Is it virus-free? Does it have a RootKit? Is your data backed up? You know! Your irreplaceable data. Yeah. That data. The stuff you would kill a careless technician for erasing. The stuff like your pictures, music, contacts and other things that are so important – yet you haven't bothered to back them up since you bought your computer three years ago.
Okay. I'm done with the guilt and fear mongering. After all, I'm not your Mom. But hopefully, I AM your computer technician -- which is kind of the same thing. If I'm NOT your technician, that's okay too. Just make sure you choose an experienced and formally-trained technician who doesn't view your computer issues as a hobby, and whom you are sure can be trusted with your sensitive information.
If you have any additional questions, please feel free to stop by Punto G and pick our brains. We are located in the Coronado Mall, Primer Piso (First Floor), just past Digicel in Local #26. Or, you can give us a call at 345.3877.