Mobile  |  About us  |  Photos  |  Videos  |  Subscriptions  |  RSS Feeds  |  Today's Paper  |  Classifieds  |  Contact Us
The Daily Star
MONDAY, 21 APR 2014
05:20 AM Beirut time
Weather    
Beirut
17 °C
Blom Index
BLOM
1,214.01down
Lebanon News
Follow this story Print RSS Feed ePaper share this
New ‘surgical’ virus targets Lebanon in wave of cyberattacks
The attacks on computers are capable of stealing data and causing computer malfunctions. (The Daily Star/Mahmoud Kheir)
The attacks on computers are capable of stealing data and causing computer malfunctions. (The Daily Star/Mahmoud Kheir)
A+ A-

BEIRUT: A digital virus launched a “surgical attack” against computers in Lebanon as part of a multi-wave espionage operation to control computers and steal information, according to a report released Monday by a leading anti-virus software company.

In recent months, several anti-virus computer companies have discovered a barrage of viruses targeting computers in mostly Iran and Lebanon. The attacks, capable of stealing data and causing computer malfunctions, were so sophisticated that many experts agree they could only be authored by a handful of countries that have considerable programming abilities.

The latest discovery of miniFlame by Kaspersky Lab provides more evidence that all of the attacks were authored and controlled by the same group of hackers with specific aims in the Middle East.

Kaspersky’s report offers the first look into a precision attack that was likely a coordinated campaign. The sophisticated computer virus infected a small number of computers, which hackers identified during waves of larger-scale cyberattacks.

“‘MiniFlame’ is a small fully functional espionage module designed for data theft and direct access to infected systems,” the report read.

“The miniFlame malware is not widespread. It is probably deployed only on a very small number of ‘high profile’ victims,” it said, adding that it had detected 50 to 60 infected computers that the hackers would have direct access to.

The hackers could control the computer’s operation or take information from it from command servers in other countries.

The malware is one of many cyberattacks that have come to light after Russian-based Kaspersky Lab began to seek out viruses to protect their clients.

In August, the virus Guass was discovered infiltrating many computer systems in Lebanon, mining personal information, particularly that related to bank accounts.

The specialized virus sent shock waves through the country’s banking sector, which had already been fighting off what it says are unsubstantiated U.S. Treasury Department accusations of involvement in drug or money laundering schemes.

The attack also demonstrated that Lebanon has been drawn into the crosshairs of a large cyber espionage campaign that has been ongoing in the Middle East, possibly carried out partially by the United States.

So far Kaspersky Lab has discovered and mapped five related espionage computer viruses. Stuxnet, the farthest reaching cyberattack, was reported by the New York Times to have been distributed by the United States under a direct order from President Barack Obama.

The virus infected around 300,000 computers and was credited with causing equipment malfunction at Iranian nuclear facilities. According to the New York Times, Obama approved Stuxnet as part of a slate of cyberattacks developed by Israel and the United States to set back the Iranian nuclear program.

Another virus named Duqu targeted industrial systems but on a much smaller scale.

Early this year it was found that computers across the Middle East were also infected with the Flame virus, which mined data and broke codes with an expert level cryptography, stunning the hacking community.

Stuxnet, Duqu, Flame and Gauss shared so many technical similarities that Kaspersky Lab and Symantec anti-virus company said they likely all came from the same cyber factory.

The latest details about miniFlame revealed further links among the viruses. MiniFlame was found to communicate with both Flame and Gauss and share networks with the two otherwise distinct pieces of malware.

Connections between the viruses make their relationship and overall purpose clearer, even if the exact target and author can’t definitively be determined, Kaspersky Lab said.

“If Flame and Gauss were massive spy operations, infecting thousands of users, miniFlame/SPE is a high precision, surgical attack tool,” the Kaspersky Lab report said.

Some cybersecurity experts caution against drawing a direct line between the attacks. There are no easy identifiers, and analysts have to draw conclusions based on structure.

But cybersecurity expert Daniel Bilar said much doubt about the intent of the viruses and their connections was dispelled after the latest discovery.

“This is one more piece of corroborating evidence,” he said.

“We saw what certain modules of what Flame did, we saw what Gauss did two months or so ago, and this has enough links with both of them because it comes from the same roots. So it’s highly unlikely that this would be something other than espionage.”

 
A version of this article appeared in the print edition of The Daily Star on October 16, 2012, on page 4.
Home Lebanon News
 
     
 
cyberattack / Iran nuclear program / Lebanon
Advertisement
Comments  

Your feedback is important to us!

We invite all our readers to share with us their views and comments about this article.

Disclaimer: Comments submitted by third parties on this site are the sole responsibility of the individual(s) whose content is submitted. The Daily Star accepts no responsibility for the content of comment(s), including, without limitation, any error, omission or inaccuracy therein. Please note that your email address will NOT appear on the site.

comments powered by Disqus
More from
Stephen Dockery
 
 
Marky’s cheesesteaks offer a taste of Philly
 
 
Demo for fugitive Assir held in Downtown Beirut
 
 
Bliss’ Gift Mania fills long-neglected niche market for collectibles
 
 
ISF: HRW abuse report not reflective of police conduct
 
 
HRW: World should act on Lebanon police abuse
Advertisement


Baabda 2014
Advertisement
Follow us on Facebook Follow us on Twitter Follow us on Linked In Follow us on Google+ Subscribe to our Live Feed
Multimedia
Images  
Pictures of the day
A selection of images from around the world- Saturday April 19, 2014
View all view all
Advertisement
Rami G. Khouri
Rami G. Khouri
Why Israeli-Palestinian talks fail
Michael Young
Michael Young
Why confuse gibberish with knowledge?
David Ignatius
David Ignatius
Echoes of 1914 characterize the Ukraine crisis
View all view all
Advertisement
cartoon
 
Click to View Articles
 
 
News
Business
Opinion
Sports
Culture
Technology
Entertainment
Privacy Policy | Anti-Spamming Policy | Disclaimer | Copyright Notice
© 2014 The Daily Star - All Rights Reserved - Designed and Developed By IDS