miniFlame - who should care?

10/17/2012
G DATA Blog

It is frightening how much effort can go into targeted attacks and how well organized the team behind Flame and Stuxnet is. miniFlame is the most recent piece of malware that fits into this puzzle. But who is really affected by this threat?

Kaspersky and Symantec published analyses of another component, discovered in June 2012, used in the cyber-espionage frameworks of Stuxnet, Duqu, Flame and Gauss. The development of this framework dates back to 2007, and it has been in use until recently. The components of the framework are well implemented and designed to be hard to identify by standard security software. They have their peculiarities and avoid the activities and behavior of typical malware. On the other hand, their basic functionality does not differ much from that of established botnet frameworks.

And then there is this question: who is really affected?
Only a very small number of incidents have been reported (which is not surprising in targeted attacks) over quite a long period of time, and most of those incidents occurred in the Middle East. So, if you are not living in the Middle East and/or are not running a power plant (or another piece of critical infrastructure), sit back and relax.
It is very unlikely for average PC users to encounter this threat.
If you are a possible target, you should be prepared to defend your systems against skilled attackers who may invest years of effort, huge amounts of money and intelligence to slip into your systems, which is no news at all. In this case, a standard AV product can only be one component of a comprehensive infrastructure protection strategy.