    “Mini Flame”, detected by Trend Micro as BKDR_FLAMER.SMA, is the latest espionage tool to hit the threat landscape. But a closer look reveals that BKDR_FLAMER.SMA does not differ much from malicious tools like PlugX and PoisonIvy.

    Because of its similarities to the Flame malware, this new tool was dubbed “Mini Flame”. Flame made headlines early this year because of its connection to the notorious Stuxnet and was noted for its information-stealing techniques.

    Based on our analysis, BKDR_FLAMER.SMA, like any other backdoor, connects to a specific server to communicate with a remote user. It is capable of executing malicious commands, which include downloading and uploading files, creating processes, and invoking a sleep command, among others.

    Its capabilities, however, do not differ from those of other remote tools we have seen previously, such as PlugX and its predecessor PoisonIvy. PlugX is the latest Remote Access Tool (RAT) used by the same people behind the PoisonIvy campaign that started as early as 2008. It features noteworthy backdoor modules, enabling a remote attacker to copy, rename, or delete files and capture video and screenshots. PlugX also drops a debug log file, which documents error codes that a remote attacker may use to improve future versions.

    Mini Flame, as much as it presents serious security concerns, is hardly a threat to common users. Our own findings and media reports indicate that Mini Flame appears to be a highly specific attack. Trend Micro, with its Smart Protection Network™, detects and deletes this malware if found on a user’s system.





    © Copyright 2013 Trend Micro Inc. All rights reserved. Legal Notice