Mini Flame Ignites a Flicker but Is No Wildfire
“Mini Flame”, detected by Trend Micro as BKDR_FLAMER.SMA, is the latest espionage tool to hit the threat landscape. But a closer look reveals that BKDR_FLAMER.SMA does not differ greatly from malicious tools like PlugX and PoisonIvy.
Because of its similarities to the Flame malware, this new tool was dubbed “mini flame”. Flame made headlines early this year because of its connection to the notorious Stuxnet and was noted for its information-stealing techniques.
Based on our analysis, BKDR_FLAMER.SMA, like any other backdoor, connects to a specific server to communicate with a remote user. It is capable of executing malicious commands, including downloading and uploading files, creating processes, and invoking a sleep command, among others.
Its capabilities, however, do not differ from those of other remote tools we have seen previously, such as PlugX and its predecessor PoisonIvy. PlugX is the latest Remote Access Tool (RAT) used by the same people behind the PoisonIvy campaign, which started as early as 2008. It features noteworthy backdoor modules that enable a remote attacker to copy, remove, rename or delete files and capture video and screenshots. PlugX also drops a debug log file, which documents error codes that a remote attacker may use to improve future versions.
Mini Flame, as much as it presents serious security concerns, is hardly a threat to common users. Our own findings and media reports indicate that Mini Flame appears to be a highly specific attack. Trend Micro, with its Smart Protection Network™, detects and deletes this malware if found on a user’s system.
Post from: Trendlabs Security Intelligence Blog – by Trend Micro