Cyber espionage campaign targets energy companies

21.09.2012

The Mirage malware program itself is very crafty and is designed to evade easy detection, according to SecureWorks. All of its communications with its command and control servers are disguised to appear like the URL traffic pattern associated with Google searches.

Those behind the espionage have used phishing emails to trick mid-level to senior executives at the targeted companies into clicking on attachments containing malware that installs Mirage on their systems. One of the emails used in the campaign, for instance, contained a PDF of a news story about Yemeni women being eligible to participate in that country's elections.

Over the past few months, researchers at SecureWorks discovered several customized variants of Mirage designed to evade detection by anti-virus and anti-malware programs.

"One of the variants was seen in a subset of samples that had been modified specifically for the environment targeted by the threat actors," SecureWorks analyst Silas Cutler wrote in the alert. "These samples had been configured with default credentials for the targeted environment's web proxy servers," he noted.

Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld.