The new malware, dubbed miniFlame, is a small, fully functional espionage module
Security researchers at Kaspersky Lab have discovered a new malware which is based on the same architectural platform as Flame discovered in May this year to steal data from targets across the Middle East.
The new malware, dubbed miniFlame, is a small, fully functional espionage module designed for data theft and direct access to infected systems.
MiniFlame, also known as SPE, can function as its own independent cyber espionage programme or as a component inside both Flame and Gauss.
MiniFlame infections were found mostly in Iran, Israel, Sudan, Syria, Lebanon, Saudi Arabia and Egypt.
Kaspersky Lab discovered six different variations of miniFlame, all dating back to 2010-2011 and the miniFlame might have started as early as 2007, the researchers said.
Kaspersky Lab researchers said that if Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool.
According to researchers, it has been assumed that Flame and Gauss were parallel projects that did not have any modules or C&C servers in common.
Kaspersky said that the discovery of miniFlame, which works with both these espionage projects, proves that we were right when we concluded that they had come out of the same cyber-weapon factory.
Kaspersky chief security expert Alexander Gostev said that miniFlame is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack.
First, Flame or Gauss are used to infect as many victims as possible to collect large quantities of information," Gostev said.
"After data is collected and reviewed, a potentially interesting victim is defined and identified, and miniFlame is installed in order to conduct more in-depth surveillance and cyber-espionage."
In September this year, a report found that the Flame virus which is associated with a cyber warfare effort against Iran, developed in 2006, was considered to be linked to about three other malware programmes.
The researchers also expect that there could be a collaboration between the development teams of both Flame and Gauss as miniFlame has an ability to be used as a plug-in by either Flame or Gauss.