
Flamer malware's functionality still a mystery

CIOL Bureau

BANGALORE, INDIA: The capabilities of the recently discovered and much-discussed Flamer, a Windows-based malware, are still a mystery, and the intent behind its use of Bluetooth connectivity is yet to be determined, according to a recent blog post by endpoint security firm Symantec.

The blog identifies three theories that have emerged as a result of Symantec's technical analysis. They are:

1. To map infected users' social and professional circles by cataloguing the various other Bluetooth-enabled devices encountered.

2. Identify the physical locations of infected users to determine their proximity to high-priority targets, whether those targets be other individuals or computing systems.

3. Target other Bluetooth devices within range to steal information off them, use them to eavesdrop, or leverage their data connections to exfiltrate already-stolen data.

The blog adds that although the precise intent behind including Bluetooth connectivity in the threat's code cannot yet be determined, these three plausible scenarios further confirm Flamer's sophistication as an advanced espionage tool.

The blog concludes that "It is possible that there is undiscovered code within W32.Flamer which already achieves some of these goals. For example, although we have not found network code near the 'beacon' code, one compromised computer may connect to another computer using Bluetooth. If the second computer is using a secured network and was infected through a USB connection, potentially the only network available would be a Bluetooth connection back to the first compromised computer. The code to achieve this may already exist in Flame.

The various theories described here are all practical attacks, easy to implement by a skilled attacker. The sophistication of W32.Flamer indicates that the attackers are certainly technically skilled and such attacks are well within their capabilities."
