Flame malware confirmed to be a product of US and Israel to slow Iranian nuclear efforts

Recently, ‘Flame’ had become a very familiar word to almost all among us. Flame has been named by security experts to be the most complicated malware the security world has ever encountered till now. Flame makes use of a vulnerability in the computers running Windows operating system, enacting itself to be a legitimate piece of code by faking itself as an update, through Windows Update.

Flame had been confirmed to be a state-sponsored attack, just like Stuxnet quite a while ago. Though there were speculations about the sponsor/origin of Flame, it was just now that the hands behind the ‘fire’ came into light:

Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.

According to a report by The Washington Post, NSA (National Security Agency) of USA, which is known for its extensive expertise in developing malicious codes, was the brain behind Flame’s codes. CIA and Israel’s military, though not as sophisticated as the NSA, had also been in the supporting role in the project.

“It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage,” said Michael V. Hayden, a former NSA director and CIA director who left office in 2009.

As we had reported earlier, Kaspersky has had its own doubts about the connection between Flame sand Stuxnet. Now, Kaspersky has not only cleared its doubts about the connection between the two, but also confirmed that Flame was pre-dated to Stuxnet, and that Flame just used to ‘fire up’ Stuxnet, which was detected two years back.

“We are now 100 percent sure that the Stuxnet and Flame groups worked together”, said Roel Schouwenberg, a Boston-based senior researcher with Kaspersky Lab. “It looks like the Flame platform was used as a kick-starter of sorts to get the Stuxnet project going”, he added.

[via Slashgear]

Share this post

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>

4 comments

  1. meldasue

    @Dan: ‘it seems there is no mention of the unwanted sideeffects from all of this in the mainstream media’

    I’ve noticed that – how would you know you have it?

    And it seems to me that Israel has been trying to speed up the war timetable, not slow it down. It makes me wonder if the whole thing isn’t an elaborate state-sponsored hoax to make us think that the CIA and Mossad are doing something noble (avoiding war), rather than their usual activities (fabricating excuses to bomb the heck out of innocent people).

  2. Dan

    Is it just me, or is there something inherently wrong with this whole situation? I mean, if I try to hack into an Pentagon or NSA network database, my ass is grass and likely to be slung in jail for more years than I would care to think about.

    But these guys can merely go about infecting a fair share of the world’s PCs with this crap and they probably got a medal of something for doing it!

    We should be able to sure these people for doing crap like this..but it seems there is no mention of the unwanted sideeffects from all of this in the mainstream media..and, on top of all this, just what about our own personal details that have found their way back to some office in either the US or Israel..or both? I don’t live in either country, so what right do they have to access my system and steal data and info on my or what I do on my PC?

    I’m sure it will be said this was never meant to gather info on ordinary people around the world..but that is what it sure seems to have done..and that..in ANY country..is illegal!