Recently, ‘Flame’ had become a very familiar word to almost all among us. Flame has been named by security experts to be the most complicated malware the security world has ever encountered till now. Flame makes use of a vulnerability in the computers running Windows operating system, enacting itself to be a legitimate piece of code by faking itself as an update, through Windows Update.
Flame had been confirmed to be a state-sponsored attack, just like Stuxnet quite a while ago. Though there were speculations about the sponsor/origin of Flame, it was just now that the hands behind the ‘fire’ came into light:
Flame was developed at least five years ago as part of a classified effort code-named Olympic Games, according to officials familiar with U.S. cyber-operations and experts who have scrutinized its code. The U.S.-Israeli collaboration was intended to slow Iran’s nuclear program, reduce the pressure for a conventional military attack and extend the timetable for diplomacy and sanctions.
According to a report by The Washington Post, NSA (National Security Agency) of USA, which is known for its extensive expertise in developing malicious codes, was the brain behind Flame’s codes. CIA and Israel’s military, though not as sophisticated as the NSA, had also been in the supporting role in the project.
“It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage,” said Michael V. Hayden, a former NSA director and CIA director who left office in 2009.
As we had reported earlier, Kaspersky has had its own doubts about the connection between Flame sand Stuxnet. Now, Kaspersky has not only cleared its doubts about the connection between the two, but also confirmed that Flame was pre-dated to Stuxnet, and that Flame just used to ‘fire up’ Stuxnet, which was detected two years back.
“We are now 100 percent sure that the Stuxnet and Flame groups worked together”, said Roel Schouwenberg, a Boston-based senior researcher with Kaspersky Lab. “It looks like the Flame platform was used as a kick-starter of sorts to get the Stuxnet project going”, he added.