A new computer virus reportedly targeting systems in Iran and Lebanon aims to build upon the capabilities of two previously released superbugs suspected of being state-sponsored attempts at spying on Iran’s nuclear program.
Computer security experts Kaspersky Lab released a report Monday on what they dubbed “miniFlame,” a virus which they say works in tandem with the Flame and Gauss viruses to give controllers remote access to infected computers.
Kaspersky Lab has called Flame and Gauss, both discovered over the last several months, “massive spy operations.”
The report described miniFlame as a “small, fully functional espionage module designed for data theft and direct access to infected system… a high precision, surgical attack tool.”
The viruses are part of a family of bugs widely believed to have been created by a combination of US and Israeli programmers to engage in cyber warfare against Iran and their proxies, like Lebanon-based Hezbollah. In addition to Flame and Gauss, which have targeted sites in Iran, in 2010 Stuxnet played havoc with Iran’s nuclear program.
In June, New York Times correspondent David Sanger reported that a secret White House program, code-named “Olympic Games,” had created super-viruses to battle Iran’s nuclear activities.
In a Monday press release, Kaspersky security director Alexander Gostev called miniFlame a second-wave, “targeted cyber weapon.” He said that Flame and Gauss are used to collect massive amounts of information, but miniFlame is “installed in order to conduct more in-depth surveillance and cyber-espionage” on a “potentially interesting victim.”
First discovered in June, miniFlame is estimated to have infected only a few dozen computer systems, perhaps as few as 10-20. Unlike Flame, which just collects information, miniFlame allows an operator to have direct access to the infected system.