Kaspersky has found three pieces of spyware related to the Flame malware, threats said to use “sophisticated encryption methods”.
The security firm says it uncovered the three new malicious programs while studying several Command and Control (C&C) servers used by the creators of the Flame malware.
“Sophisticated encryption methods were utilised so that no one, but the attackers, could obtain the data uploaded from infected machines,” read Kaspersky’s statement.
“The analysis of the scripts used to handle data transmissions to the victims revealed four communication protocols, and only one of them was compatible with Flame.
“It means that at least three other types of malware used these Command and Control servers. There is enough evidence to prove that at least one Flame-related malware is operating in the wild.”
The discovery of the programs means the development of Flame’s Command and Control platform dates back to 2006, four years earlier than first thought.
In May, reports of targeted cyber-attacks against Iranian computer systems revealed the existence of the Flame malware, which caused widespread concern within the security industry about its advanced espionage capabilities.
Flame’s full potential and its wider implications are still unknown despite the ongoing collaborative research effort by Kaspersky, IMPACT, CERT-Bund/BSI and Symantec.
“It was problematic for us to estimate the amount of data stolen by Flame, even after the analysis of its Command and Control servers,” said Alexander Gostev, chief security expert at Kaspersky.
Image: David Orban, via Flickr (CC)