Vote 2020 graphic
Everything you need to know about and expect during
the most important election of our lifetimes

Surgical Attack Tool miniFlame Joins the Big Happy Cyberweapon Family

Illustration for article titled Surgical Attack Tool miniFlame Joins the Big Happy Cyberweapon Family

We already know about the state-sponsored malware triplets Flame, Gauss, and Stuxnet, but now a new one is rearing its little head. Dubbed as "miniFlame" by Kapersky Labs, it's a lot less cute and more dangerous than it sounds.


Also known as "SPE" and "John" by the attackers who use it, miniFlame was probably cooked up by the U.S. and Israel and fills an important little niche in its malware family; it plugs itself directly into Flame and Gauss installations in addition to working on its own. Once it's on a target PC, it opens up a backdoor that lets attackers directly control the infected computer, something neither Flame nor Gauss can do. As a last little bonus, miniFlame can actually delete infections of (mega)Flame and immunize the computer from further Flame infections.


Compared to the other state-sponsored malware, miniFlame has hit relatively few computers, somewhere in the the neighborhood of 50, and there's no real geographical concentration of infections. Chances are this is because its use was reserved for particularly high-profile targets, where the "total control" feature would be especially useful. Kapersky Labs calls it a "surgical attack tool."

Chances are you're not a high-value target, so it's not a risk to we rank-and-file, but it just goes to show how sophisticated and specialized the secret suite of operating cyberweapons is. And you can bet there are more out there, still hiding. [Kapersky Labs via Wired]

Image by Ruslan Grechka/Shutterstock

Share This Story

Get our newsletter



I can make sense of cleaning to computer to cover up tracks, but i don't think i understand the future immunization trick. What purpose would that serve?