|Manu||Date: Tuesday, 16-October-2012, 1:12 PM | Message # 1|
Image from www.securelist.com
A new cyber espionage program linked to the notorious Flame and Gauss malware has been detected by Russia's Kaspersky Lab. The anti-virus giant’s chief warns that global cyber warfare is in “full swing” and will probably escalate in 2013.
The virus, dubbed miniFlame, and also known as SPE, has already infected computers in Iran, Lebanon, France, the United States and Lithuania. It was discovered in July 2012 and is described as “a small and highly flexible malicious program designed to steal data and control infected systems during targeted cyber espionage operations,” Kaspersky Lab said in a statement posted on its website.
The malware was originally identified as an appendage of Flame – the program used for targeted cyber espionage in the Middle East and acknowledged to be part of joint US-Israeli efforts to undermine Iran’s nuclear program.
But later, Kaspersky Lab analysts discovered that miniFlame is an “interoperable tool that could be used as an independent malicious program, or concurrently as a plug-in for both the Flame and Gauss malware.”
The analysis also showed new evidence of cooperation between the creators of Flame and Gauss, as both viruses can use miniFlame for their operations.
“MiniFlame’s ability to be used as a plug-in by either Flame or Gauss clearly connects the collaboration between the development teams of both Flame and Gauss. Since the connection between Flame and Stuxnet/Duqu has already been revealed, it can be concluded that all these advanced threats come from the same 'cyber warfare' factory,” Kaspersky Lab said.
So far just 50 to 60 cases of infection have been detected worldwide, according to Kaspersky Lab. But unlike Flame and Gauss, miniFlame in meant for installation on machines already infected by those viruses.
Read more/Full article/source - http://rt.com/news/mini-flame-malware-kaspersky-519/