Ever since Flame, a gigantic piece of malware that lifts data from infected computers, was uncovered by security researchers three weeks ago, people have been wondering who could have built such a thing. Its powers, and the fact that it had apparently been operating in secret for years, shocked experts, who called it “one of the most complex threats ever discovered.”
More revelations followed: World-class mathematicians had worked on it, doing new science to develop its attacks. At first it was thought that Flame had nothing in common with Stuxnet, the US and Israeli-built virus that targeted Iran’s nuclear program and has become synonymous with the new age of cyberwarfare. Closer analysis, however, revealed that an early module of Flame had identified and exploited a then-unknown weakness in Microsoft Windows. The same capability showed up later in Stuxnet. The two pieces of malware had apparently communicated at least once, with Flame, which primarily gathers information, passing data to Stuxnet, which used that data to inflict damage.
Now, The Washington Post reports that anonymous government officials have admitted that Flame was built by the US and Israel, and that it was indeed used to gather information as part of a wide-ranging effort to hamper Iran’s program that continues today.
Read more at The Washington Post.