Kaspersky Lab’s researchers say a tool identified first believed to be a module of the Flame malware is in reality an independent piece of malware in its own right.
Kaspersky Laboratory is calling the newely found tool ‘miniFlame’. Configured to steal information and command compromised computers, the malware was first discovered by Kaspersky Lab in July. During a deeper analysis of Flame’s command and control (C&C) in September, they disclosed the tool wasn’t a module after all.
Alternatively it really could be used both as an independent malevolent program or a plug-in for both Flame and Gauss – in fact the company said this further proves there was cooperation between the creators of those two programs.
Development of miniFlame is thought to have began as early as 2007. Several versions of miniFlame were produced between 2010 and 2011, with some still active in the wild today, according to the company.
“miniFlame is a high precision attack tool,” said Alexander Gostev, chief security expert, Kaspersky Lab, in a statement. “Most likely it is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack.”