Newly discovered spying malware designed to steal data from infected systems was likely built from the same cyber-weaponry factory that produced two other notorious cyberespionage software Flame and Gauss, a security vendor says.
Kaspersky Lab has released a technical paper Monday outlining the discovery of the malware the vendor has dubbed "miniFlame."
While capable of working with Flame and Gauss, miniFlame is a "small, fully functional espionage module designed for data theft and direct access to infected systems," Kaspersky said.
Kaspersky reported the existence of Flame in May and a month later discovered Gauss. A nation-state is believed to have developed both highly sophisticated malware for cyberespionage and cybersabotage operations in the Middle East.
MiniFlame was discovered during an analysis of the Flame command and control servers, a study initiated by the International Telecommunication Union and conducted by Kaspersky. While capable of operating by itself, miniFlame was downloaded in computers already infected with Flame and Gauss.
"The discovery of miniFlame, which works with both these espionage projects, proves that we were right when we concluded that they had come out of the same cyber-weapon factory," Kaspersky said in its security blog.
Flame and Gauss are believed to have infected no less than 10,000 systems, while miniFlame was detected in just a few dozen systems in western Asia. Because of the low number of infections, Kaspersky said miniFlame was a "high precision, surgical attack tool" used only against very specific targets that were deemed most important by the attackers.
Flame and Gauss used a similar modular structure, code base and communication system to receive instructions from command and control servers. However, the malware were parallel projects that used separate servers....
Kaspersky Lab has released a technical paper Monday outlining the discovery of the malware the vendor has dubbed "miniFlame."
While capable of working with Flame and Gauss, miniFlame is a "small, fully functional espionage module designed for data theft and direct access to infected systems," Kaspersky said.
Kaspersky reported the existence of Flame in May and a month later discovered Gauss. A nation-state is believed to have developed both highly sophisticated malware for cyberespionage and cybersabotage operations in the Middle East.
MiniFlame was discovered during an analysis of the Flame command and control servers, a study initiated by the International Telecommunication Union and conducted by Kaspersky. While capable of operating by itself, miniFlame was downloaded in computers already infected with Flame and Gauss.
"The discovery of miniFlame, which works with both these espionage projects, proves that we were right when we concluded that they had come out of the same cyber-weapon factory," Kaspersky said in its security blog.
Flame and Gauss are believed to have infected no less than 10,000 systems, while miniFlame was detected in just a few dozen systems in western Asia. Because of the low number of infections, Kaspersky said miniFlame was a "high precision, surgical attack tool" used only against very specific targets that were deemed most important by the attackers.
Flame and Gauss used a similar modular structure, code base and communication system to receive instructions from command and control servers. However, the malware were parallel projects that used separate servers....
Read More: Click Here
No comments:
Post a Comment