Researchers find link between Flame and Stuxnet
The researchers who discovered the Flame spy virus say that they have identified key components that it had in common with the earlier Stuxnet virus.
The finding increased suspicions that the same organization was responsible for both the viruses, and came amid speculation that Israel, the US, or both had disseminated the cyber weapons.
Stuxnet targeted industrial control systems made by Siemens and appeared to be focused on disrupting nuclear centrifuges used by Iran to enrich uranium. It was first detected in June 2010.
Flame was detected last month by online security firm Kaspersky, and appeared to be capable of retrieving all data from an infected machine and even turning on its microphone to allow the virus controller to eavesdrop on users. It was said to be prevalent in the Middle East.
Kaspersky initially surmised that the two viruses were unrelated but closer inspection revealed that such a conclusion was incorrect, the lab’s researchers said in a blog posting Monday.
Both programs contained a code module that appeared to originate from the same source code and were likely written by the same programmer, Kaspersky said.
“We’re very confident that the Flame team shared some of their source code with the Stuxnet group,” Roel Schouwenberg, a senior researcher with the Moscow-based lab, said. “It’s conclusive proof that the two worked together, at least once.”