Kaspersky Labs has exposed a new targeted malware tool called “MiniFlame” or “SPE’ which it links to earlier spying malware, Flame, thought to be developed by the U.S. or Israel. This latest attack has targeted computers in Lebanon and Iran, as well as some in France and the United States. Kaspersky Labs claims this new espionage tool allows the hacker a backdoor into the system and can take screenshots of what the user is doing. The malware appears to be focused on computers that were previously infected by the Flame virus. You can read more about the malware at Foreign Policy or Wired.
The larger point is that Kaspersky Labs seems to publicize its findings only when they can make vague links back to the U.S. and Israel. They have received significant press over the past two years for discovering or analyzing viruses like MiniFlame, Flame, Duqu, and Stuxnet; all which the U.S. and/or Israel has been faulted for. But there are also considerable anecdotal reports on the potential connection between the Russian government and Kaspersky Labs. This raises serious security considerations around new products they are developing, like an OS for industrial systems or infrastructure.
The supply chain trust issues related to Kaspersky Labs run parallel with the current concerns over Huawei products being used by American companies. The importance of a secure, reliable, and transparent supply chain is becoming increasingly critical as key pieces of technology and software are being developed in countries who may have an interest in economic or military espionage against American companies and the U.S. government.