Precision Espionage MiniFlame Malware Tied To Flame
Gunkerty Jeb writes "Initially thought to be merely a module of the now-infamous Flame malware, MiniFlame, or SPE, is, in reality, a secondary surveillance tool deployed against specially identified targets following an initial Flame or Gauss compromise. MiniFlame/SPE was one of three previously unseen pieces of malware discovered during a forensic analysis of Flame's command and control servers. Researchers at Kaspersky Lab and CERT-Bund/BSI determined that the program, which has compromised somewhere between 10 and 20 machines, can stand alone as an independent piece of malware or run as a plug-in for both Flame and Gauss."
Cross your fingers (Score:5, Funny)
I sure hope that an actual person wrote this MiniFlame. Otherwise the virus has become self-aware and is now reproducing autonomously.
Re: (Score:1)
They all are to one degree or another, & most implement the same general concepts for security too. Most used = most attacked. From the perspective of the malware maker/botnet master etc., this makes TOTAL sense (and it's why Microsoft Windows is the most attacked as far as Operating Systems go).
Re: (Score:2)
It'd be a whole lot easier to use an OS that isn't so susceptible to malware.
That's why I use hand written Action! code on an Atari 800XL, and I never, ever, ever go online.
Get used to it (Score:5, Insightful)
The era of governments using malware as part of their standard military/security/intelligence arsenal has arrived.
Re: (Score:2)
Re: (Score:2)
If nothing else, open-source code and watching how that movie director Robert Rodriguez successfully preaches low-budget artistic control vs. bigger-budget studio-control has taught me how raw talent, motivation, and perseverance can still succeed against 'the odds'. Oh, and fear helps a lot!
This knowledge I try to use for good given the gifts my life has given to me. Still, others will inherently do otherwise to the best of their abilities.
After all, it isn't what you have that matters, but what you do wit
Re: (Score:1)
That dude hasn't made a worthwhile movie since Sin City. He uses low budgets as an excuse for making crappy movies. There was no reason Predators had to suck with that budget. It was all him. He's infatuated by Hollywood's adoration of him. Crammed so many celebrities in
Re: (Score:3)
Is there likely to be a lot more of this type of thing out there that just hasn't been discovered?
Yes.
There are four known communication protocols (OldProtocol, OldProtocolIE, SignupProtocol, RedProtocol) and four classes of malware (SP, SPE, IP, FL).
This is SPE. FL was Flame. SP is unknown (though presumed early SPE), IP is also unknown.
IP uses SignupProtocol. It is presumed that RedProtocol is not yet implemented, although I'd lean towards "not yet discovered".
This is really, really precisely targeted stuff. Stuxnet went out - supposedly the Israelis modified it and a bug/feature let it spread - but t
Blowback from this is going to hurt (Score:1)
Malware like this is unique in warfare in that the payload can be recovered intact, reverse engineered, and deployed for other motives quite easily, and (from my admittedly limited understanding) requires only off-the-shelf technological overhead. I've read several articles here recently about critical-infrastructure-related SCADA equipment needing per-site patches due to backdoors and poor default security settings. Presuming the proliferators of this malware-based espionage are intelligent and can predict