New 'miniFlame' cyber weapon can control spyware infected machines

A new malware known as miniFlame that apppears to be used to commandeer and boost the spying capability over select computers originally infected by the Flame and Gauss spyware has been discovered by researchers at Kaspersky Lab, reports Wired.

MiniFlame, which also goes by the names "SPE” and “John,” is the fourth in a line of nation-state malware discovered in the last year that appears to have been created by the creators of Stuxnet, the cyber weapon that attacked Iran's nuclear program and is believed to have been developed by the U.S. and Israeli governments, the story said. While Stuxnet was designed for destruction, the other cyber weapons -- DuQu, Flame, and Gauss -- were designed to conduct espionage. The new malware has infected machines in Lebanon, France, Iran and other nations.

Researchers at Kaspersky are analyzing the various malware, including the newly discovered miniFlame, to gain greater insight into how nation-state intelligence gathering and cyber warfare methods are conducted, the story said.

“With Flame, Gauss and miniFlame, we have probably only scratched [the] surface of the massive cyber-spy operations ongoing in the Middle East,” Kaspersky researchers said in a report released Oct. 15. “Their true, full purpose remains obscure and the identity of the victims and attackers remain unknown.”

The miniFlame malware is essentially a module that can be used on its own as a small, standalone espionage tool, or it can be plugged into the much larger Flame espionage tool, or into Gauss, the story said.

The purpose of the module is to steal data and open a backdoor into infected machines to give attackers direct and complete remote control over the machines--a feature not possessed by Flame or Gauss, the story said. Once the backdoor is in place, the attackers can send commands to the machines to steal data, take screenshots and download other malicious files to the machines.

Kaspersky researchers believe miniFlame was intended for certain high-profile victims, and that it was used in conjunction with Flame and Gauss as part of a multi-stage attack, the story said.

 

Reader Comments

Please post your comments here. Comments are moderated, so they may not appear immediately after submitting. We will not post comments that we consider abusive or off-topic.

Your Name:(optional)
Your Email:(optional)
Your Location:(optional)
Comment:
Please type the letters/numbers you see above