Researchers said today they have identified part of the powerful Flame cyber espionage program as a stand-alone, “highly flexible” spy program that centered its attacks on computer systems in Lebanon and Iran.
MiniFlame, as cyber experts at Moscow-based Kaspersky Labs dubbed the malware, is an “info-stealing” virus designed to hit only a few high-profile targets – perhaps just a few dozen computer systems. Kaspersky researchers said in a blog post they actually discovered MiniFlame in July but at the time believed it to be just a module within Flame.
The larger Flame virus was described by researchers as the most sophisticated cyber espionage program ever discovered and was a veritable “toolkit” for cyber spying programs. It could take remotely take screenshots of infected computers, record audio conversations that took place in the same room as the computer, intercept keyboard inputs and wipe data on command. Researchers said that malware infected thousand of computers, mostly in Iran.
In May, a top Israeli official dropped vague hints that his country may have been behind the creation of Flame, and the U.S. and Israel have long been suspected of mounting a sophisticated cyber campaign against Iran that included the Stuxnet worm, which is credited with physically disrupting the operation of one of Iran’s nuclear facilities.
Lebanon is home to the Iran-backed militant group Hezbollah, which the U.S. considers a terrorist organization.
Kaspersky Chief Security Expert Alexander Gostev said he believes MiniFlame is used as a “second wave” of attack after Flame or another virus called Gauss, has already hit a target system.
“MiniFlame is a high-precision attack tool,” Gostev said. “After data is collected [via Flame] and reviewed, a potentially interesting victim is defined and identified, and MiniFlame is installed in order to conduct more in-depth surveillance and cyber espionage.”
Kasperky’s announcement comes weeks after U.S. officials said they suspected Iranian hackers of having a hand in a large but relatively unsophisticated cyber attack on Western financial institutions.
Last week, Secretary of Defense repeated warnings that if America doesn’t step up its cyber security on a national scale, it could face a “cyber Pearl Harbor.”