| ||Thread Tools|
|16th October 2012, 07:05||#1|
Join Date: May 2010
Kaspersky Lab uncovers 'miniFlame'
Kapersky has discovered new malware dubbed 'miniFlame', cyber espionage software directly linked to Flame.
The miniFlame program, also referred to as SPE, was originally picked up by security experts in July while analysing the Flame virus, a program responsibly for espionage attacks on Windows based computers in the Middle East. At the time Kaspersky labelled the Flame malware the most sophisticated cyber weapon yet discovered. The new discovery shows that the scale of the operation is larger than first imagined.
Further findings have now shown that while miniFlame is based on the same architecture as Flame, it can also be used both independently as a malicious program, as well as acting as a plug-in for Flame and Gauss. The intention for the program is to be used as a cyber espionage tool, Kaspersky Lab says, operating as a backdoor for data theft, allowing the creators direct access to the infected computer.
The number of computers infected by miniFlame is lower than its counterparts however, with Kaspersky Lab claiming that noting that between 10-20 machines have fallen victim to the virus. The total figure is estimated to be up 60 worldwide. Those infected were most likely already infected with the Flame virus, forming the "second wave" of a targeted cyber espionage attack aimed at stealing information.
According to Kaspersky, versions of miniFlame were created in 2010 and 2011, and some of the six variants are still considered active. It is expected that development of the malicious program could have started as far back as 2007.
"MiniFlame is a high precision attack tool," said Alexander Gostev, Chief Security Expert, Kaspersky Lab, describing the malware. "Most likely it is a targeted cyber weapon used in what can be defined as the second wave of a cyberattack."
"First, Flame or Gauss are used to infect as many victims as possible to collect large quantities of information," he said. "After data is collected and reviewed, a potentially interesting victim is defined and identified, and miniFlame is installed in order to conduct more in-depth surveillance and cyber-espionage."
This could involve taking screenshots of infected computers, or a USB drive could be controlled to store data collected from infected machines without an internet connection.
The analysis of miniFlame also highlighted the cooperation between the creators of Flame and another virus, Gauss, with miniFlame designed to operate alongside both malware programs.
Furthermore Kaspersky contends that with links already established between the creators of Flame and Stuxnet, the viruses are all likely to have originated from the same source.
The US government has so far been widely linked to both Flame and Stuxnet, which was responsible for attacks on Iranian infrastructure and nuclear facilities.
|Thread||Thread Starter||Forum||Replies||Last Post|
|MakerBot uncovers the miracle of 3D printed 'bot making||Stefan Mileschin||WebNews||0||15th May 2012 07:04|
|Apple Invites Kaspersky to Improve OS X Security||Stefan Mileschin||WebNews||0||15th May 2012 06:57|
|Kaspersky exec calls Mac OS 'really vulnerable' (update:clarification from Kaspersky)||Stefan Mileschin||WebNews||0||15th May 2012 06:24|
|Apple 10 Years Behind Microsoft on Security: Kaspersky Lab||Stefan Mileschin||WebNews||0||27th April 2012 08:17|
|Hacked Kaspersky server deploys scareware||jmke||WebNews||0||24th October 2010 15:34|
|Kaspersky granted patent for hardware-based antivirus||jmke||WebNews||0||18th February 2010 15:10|
|nVidia's CUDA speeds Kaspersky Antivirus up to 360 times!||jmke||WebNews||0||16th December 2009 10:21|