Nearly five months after security researchers at Kaspersky Lab announced the discovery of the highly sophisticated cyber attack Flame, the team came forward again last week to report that it had detected yet another piece of nation-state-sponsored malware.
Dubbed “miniFlame,” or “SPE” for short, the security researchers said they first discovered the malicious cyber attack tool back in July during an ongoing investigation of the Flame and Gauss attacks that targeted the Middle East. While the team initially suspected miniFlame was a component of Flame, a recent, more in-depth analysis revealed that miniFlame had its own functions and stand-alone capabilities.
“miniFlame/SPE is different from Flame and Gauss in that the number of infections is significantly smaller ,” the Kaspersky Lab researchers said in a blog post. “While we estimate the total number of Flame/Gauss victims at no less than 10,000 systems, SPE has been detected in just a few dozen systems in Western Asia. This indicates that SPE is a tool used for highly targeted attacks, and has probably been used only against very specific targets that have the greatest significance.”
While the researchers did not speculate which nation-state, or states, they believe crafted the malware, their analysis showed that miniFlame might have been under development since 2007, “at the least.” Advising that miniFlame’s developers likely created “dozens of different modifications of the program,” the researchers went on to point out that they had only discovered six versions to date.
“With Flame, Gauss and miniFlame, we have probably only scratched surface of the massive cyber-spy operations ongoing in the Middle East,” the security team warned on the blog. “Their true, full purpose remains obscure and the identity of the victims and attackers remain unknown.”
Meanwhile, Kaspersky Lab leader and cybersecurity pioneer, Eugene Kaspersky, also took to the blog to reveal his own, new announcement last week. Writing of the recent cyber threats and attacks on key infrastructure, Kaspersky said his team is currently working to develop “a secure operating system [OS] for protecting key information systems.”
“It doesn’t really matter who’s being targeted at present; what matters is that such cyber-weapons are being developed and deployed at all,” Kaspersky advised in the blog post. “The building up of armaments for attacks on the industrial systems and infrastructure of enemies sooner or later will affect us all.”
Calling it “a sophisticated project,” Kaspersky was short on specifics for confidentiality and competitor purposed, but noted that the new OS would be “highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media.”
____
Michelle Kincaid is a DC-based public affairs professional specializing in technology policy. She is also founder of the blog CybersecurityNews.org. Follow her on Twitter at @OnCybersecurity.