MENA under another cyber attack
Cyber attacks are becoming rampant in the MENA region after another discovery of a related program to the flame named as “miniflame”. The software is capable of executing more precise attacks on targets and has already affected almost 50 “high-value” machines according to a Kaspersky Lab research report.
The behavior of Miniflame is described as “scalpel for a focused surgical dissection” and it’s believed that the people who made it are the same people behind Flame. Miniflame is made to focus on conducting “more in-depth surveillance and cyber-espionage,” Kaspersky Chief Security Expert said. The newly discovered spying software is still being investigated but it has already been stated that it has limited geographical concentration compared to its predecessors. Infections were found in Lebanon and Iran but also in the Palestinian Territories, Iran, Kuwait, and Qatar, according to Kaspersky.
Six versions of Miniflame have already been identified with the most recent version being created in September 2011 and some of the protocols used by the software date back to 2007. They can also operate in partnership with Flame and Gauss. Kaspersky said that MiniFlame responded to a series of commands given Anglo first names by the program authors. “Elvis” created a process on an infected machine and “Barbara” took a screen shot. “Tiffany” directed the computer to a new command server.
It can recalled that two antivirus firms, Kaspersky and Symantec Corporation, warned that Flame’s control software remotely directed a number of smaller programs, and that the effects of only one of those programs was clear in a joint report released last month.
However, Symantec thinks that the cyber attacks are being initiated by military and intelligence agencies because the attacks always leave some of their operatives in the dark.