New 'miniFlame' Virus Hits Iran Computers

A new cyberespionage tool linked to the Flame virus has been infecting computers in Lebanon, Iran and elsewhere, say experts.

Elad Benari ,

Hackers (illustration)
Hackers (illustration)

A new cyberespionage tool linked to the Flame virus has been infecting computers in Lebanon, Iran and elsewhere, security researchers said Monday, according to AFP.

Kaspersky Lab, which was credited with revealing the Flame virus earlier this year, dubbed the new malware "miniFlame," and said it was "a small and highly flexible malicious program designed to steal data and control infected systems during targeted cyber espionage operations," according to the report.

The Russian-based Kaspersky said miniFlame "is based on the same architectural platform as Flame". The smaller version "can function as its own independent cyber espionage program or as a component" inside Flame and related malware.

Unlike Flame, which is designed for "massive spy operations," miniFlame is "a high precision, surgical attack tool," according to Alexander Gostev at Kaspersky Lab.

"Most likely it is a targeted cyberweapon used in what can be defined as the second wave of a cyberattack," he said.

Kaspersky Lab data indicates the total number of infections worldwide is just 50 to 60, including computers in Lebanon, France, the United States, Iran and Lithuania.

MiniFlame operates "as a backdoor designed for data theft and direct access to infected systems," according to Kaspersky, which said development of the malware might have started as early as 2007 and continued until the end of 2011, with several variations.

Flame, which was discovered in May, was dubbed the “most sophisticated cyber-weapon yet unleashed”. The virus was designed to collect and delete sensitive information, primarily in Middle Eastern countries.

The “Flame” struck at least 600 specific computer systems in Iran, Syria, Lebanon, Egypt, Sudan, Saudi Arabia and the Palestinian Authority.

Iran subsequently admitted that its oil industry was briefly affected by Flame, but claimed that Iranian experts had detected and defeated the virus.

After Flame was discovered, U.S. computer security researchers said that it had gotten orders to vanish, leaving no trace.

Western officials later hinted that the U.S. and Israel had jointly developed Flame for the purpose of slowing Iran’s ability to develop a nuclear weapon.