Home
Contact Us
Donate
Support Us
Store
Books
Videos
Global Political Awakening and the New World Order
Quotes
Translate
GPA Store: Featured Products
Monday, October 15, 2012
MiniFlame: yet another state-sponsored espionage virus uncovered
Madison Ruppert, Contributor
A new piece of malware dubbed “MiniFlame” – hinting at the software’s relation to
the Flame virus which attacked computer systems in the Middle East
– has been uncovered by
Kaspersky Lab
.
The development of MiniFlame coincided with that of Flame and unlike other malware, MiniFlame actually “allows the operator direct access to the infected system,” according to Kaspersky.
Writing for
CNET
, Lance Whitney characterizes MiniFlame as “a cyber espionage program that can take over where Flame leaves off.”
“First, Flame or Gauss are used to infect as many victims as possible to collect large quantities of information,” Kaspersky explains. “After data is collected and reviewed, a potentially interesting victim is defined and identified, and miniFlame is installed in order to conduct more in-depth surveillance and cyber-espionage.”
This seems to be similar to how
Duqu and Stuxnet might have been utilized in concert
to make targets increasingly vulnerable to attacks.
Kaspersky states that another name for SPE – which they first discovered back in July – other than MiniFlame, is “John.”
While at first they thought MiniFlame was just an earlier version of Flame, upon deeper research last month they discovered that MiniFlame is actually a separate strain of malware built to take advantage of computers infected by Flame and Gauss.
“Gauss used a modular structure resembling that of Flame, a similar code base and system for communicating with command-and-control (C&C) servers, as well as numerous other similarities to Flame,” according to Kaspersky researchers.
MiniFlame is far from simple, according to Kaspersky, seeing as developers likely began work as far back as 2007 and continued working until the end of 2011.
So far six variants of MiniFlame have already been uncovered and chances are more will be found in the near future.
Kaspersky said that the infection rate is relatively low compared to Flame and Gauss with only 50-60 computers worldwide thought to be infected with MiniFlame.
While this might seem great at first, Whitney points out, “But these types of attacks are less focused on quantity and more on hitting specific targets.”
“MiniFlame is a high precision attack tool. Most likely it is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack,” said Kaspersky Lab Chief Security Expert Alexander Gostev in a statement.
“The discovery of miniFlame also gives us additional evidence of the cooperation between the creators of the most notable malicious programs used for cyber warfare operations: Stuxnet, Duqu, Flame, and Gauss,” Gostev added.
Whitney rightly points out that these related strains of malware popping up in high concentrations in the Middle East “are seen as a sign of continued cyberwarfare against Middle East countries. In particular, many analysts believe many of these strains gathered intelligence in Iran and may have been used to sabotage its nuclear-weapons program.”
“With Flame, Gauss, and miniFlame, we have probably only scratched [the] surface of the massive cyber-spy operations ongoing in the Middle East,” wrote a researcher with Kaspersky Lab. “Their true, full purpose remains obscure and the identity of the victims and attackers remain unknown.”
What is clear, however, is that there is, in fact, a concerted, state-sponsored cyberwarfare effort targeting Middle Eastern nations. Who exactly is behind it can be debated but
all indications are that it is the United States and Israel
based on
the origins of Stuxnet
and the related families of malware.
Please support our work and help us start to pay contributors by doing your shopping through our
Amazon link
or check out some must-have products at our
store
.
This article first appeared at
End the Lie
.
Madison Ruppert is the Editor and Owner-Operator of the alternative news and analysis database
End The Lie
and has no affiliation with any NGO, political party, economic school, or other organization/cause. He is available for podcast and radio interviews. Madison also now has his own radio show on Orion Talk Radio from 8 pm -- 10 pm Pacific, which you can find
HERE
. If you have questions, comments, or corrections feel free to contact him at
admin@EndtheLie.com
Enter your email address to subscribe to our newsletter:
Delivered by
FeedBurner
Be the Change! Share this using the tools below. Sharing on Reddit and Newsvine will help the most.
0 Comments
Disqus
Fb Comments
[Get It]
Comments :
Newer Post
Older Post
Home