State-Sponsored Malware 'Flame' Has Smaller, More Devious Cousin

[InfoSec News <alerts () infosecnews org>]

http://www.wired.com/threatlevel/2012/10/miniflame-espionage-tool/

By Kim Zetter
Threat Level
Wired.com
10.15.12

Researchers have uncovered new nation-state espionage malware that has 
ties to two previous espionage tools known as Flame and Gauss, and that 
appears to be a “high-precision, surgical attack tool” targeting victims 
in Lebanon, Iran and elsewhere.

Researchers at Kaspersky Lab, who discovered the malware, are calling 
the new malware miniFlame, although the attackers who designed it called 
it by two other names – “SPE” and “John.” MiniFlame seems to be used to 
gain control of and obtain increased spying capability over select 
computers originally infected by the Flame and Gauss spyware.

It is the fourth piece of nation-state malware discovered in the last 
year that appears to have been created by the same group behind Stuxnet, 
the groundbreaking cyberweapon that sabotaged Iran’s nuclear program and 
is believed to have been created by the U.S. and Israeli governments. 
The others – all designed for espionage rather than destruction – are 
DuQu, Flame, and Gauss.

The new malware adds to the arsenal of cyber tools that are quickly 
becoming the mark of nation-state intelligence gathering and warfare 
methods and provides new clues into how such operations are conducted.

[...]

--
CISSP and CEH Live OnLine training with ExpandingSecurity.com is the fastest,
easiest way to master the relevant data you need now.  Sign up for the free
weekly PainPill and try a free class.  It is easy.
http://www.expandingsecurity.com/PainPill