Kaspersky Warns of miniFlame Malware


Kaspersky researchers recently uncovered new malware called miniFlame, also known as SPE, a fully functional and independent module of the Flame malware.

"If Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool," the Kaspersky Lab Global Research & Analysis Team reports. "miniFlame is in fact based on the Flame platform but is implemented as an independent module. It can operate either independently, without the main modules of Flame in the system, or as a component controlled by Flame."

"At least six versions of miniFlame were created between 2010 and 2011, with some variants still being active in the wild," writes The Register's John Leyden. "Development of the malware may have started as early as 2007."

"The intention for the program is to be used as a cyber espionage tool, Kaspersky Lab says, operating as a backdoor for data theft, allowing the creators direct access to the infected computer," writes TechEye's Matthew Finnegan. "The number of computers infected by miniFlame is lower than its counterparts however, with Kaspersky Lab claiming that noting that between 10-20 machines have fallen victim to the virus. The total figure is estimated to be up 60 worldwide."

"But these types of attacks are less focused on quantity and more on hitting specific targets," write CNET News' Lance Whitney. "'MiniFlame is a high precision attack tool. Most likely it is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack,' Alexander Gostev, Chief Security Expert for Kaspersky Lab, said in a statement. 'The discovery of miniFlame also gives us additional evidence of the cooperation between the creators of the most notable malicious programs used for cyber warfare operations: Stuxnet, Duqu, Flame, and Gauss.'"