(Ping! Zine Web Tech Magazine) – A smaller variant of the now infamous Flame virus was recently detailed by Kaspersky Lab. Simply titled “miniFlame” or “SPE,” the security company called the virus a “small, fully functional espionage module designed for data theft and direct access to infected systems.”
The security experts initially detailed the Flame virus in May, describing a highly complex theft operation likely launched from a nation state.
Kaspersky picked up on the smaller module when analyzing the original Flame malware, also noting it was likely related to Gauss, a more recently discovered form of malware.
“It all started in early July 2012, when we discovered a smaller, interesting Flame module. The module had many similarities with Flame which led us to believe it was an earlier version of it (all known Flame variants are version 2.x). In the months that followed, we not only studied the connection of this malware with Flame, but also came across examples of this module being used concurrently with Gauss and being controlled by the Gauss main module,” stated the company’s blog post.
The security firm described a virus that dates back a few years and maintains a current operation status running through the course of this year.
Most interesting about the newly discovered variant was that it doesn’t discriminate against particular geographic regions. That’s unlike Flame which accounted for victims primarily in Iran. Kaspersky, meanwhile, noted the infections for MiniFlame numbered around just 10 thousand. “We can assume this malware was part of the Flame and Gauss operations which took place in multiple waves,” concluded the company.