Quarantined, gun-shaped USB stick deliberately infected with the Flamer ‘cyber weapon’

Oliver, 2013


Flamer.a was found in Iran and other Middle East countries in mid 2012 and was thought to be active for 5 years before discovery. Forensic and virus experts found that it was designed to perform state-sponsored cyber espionage.

I found and installed this weapon onto a USB stick shaped like a weapon.

Plugging this device into a Microsoft Windows machine will infect that machine, allowing the weapon to continue its journey toward its target.

The object is under strict quarantine at Weise7 Studios, Berlin. It will never, ever, be allowed to come into contact with a computer running Microsoft Windows.

Scan output (GNU/Linux host)

11:42:32-julian@chroot:~$ pmount /dev/sdb
11:42:35-julian@chroot:~$ clamscan /media/sdb
/media/sdb/malware.exe: Worm.Flame FOUND

----------- SCAN SUMMARY -----------
Known viruses: 2753178
Engine version: 0.97.6
Scanned directories: 1
Scanned files: 1
Infected files: 1
Data scanned: 0.12 MB
Data read: 0.79 MB (ratio 0.16:1)
Time: 9.378 sec (0 m 9 s)