The "Flame" computer virus, which was discovered earlier this month amid a series of attacks on Iran's oil industry, had been created by the US and Israel as part of an intensifying campaign of cyber-warfare, according to reports.
Figures released by the Kaspersky Lab show that infections by the programme were spread across the Middle East with 189 attacks in Iran, 98 incidents in the West Bank, 32 in Sudan and 30 in Syria
Last week similarities were discovered between the coding of Flame, a piece of Malware disguised as a Microsoft software update, and Stuxnet, a virus previously launched on Iran's nuclear infrastructure.
“This is about preparing the battlefield for another type of covert action,” one former high-ranking US official reportedly told The Washington Post. “Cyber collection against the Iranian programme is way further down the road than this.”
The CIA, NSA and Office of the Director of National Intelligence, as well as the Israeli embassy in Washington, did not comment on the newspaper's report.
Earlier this month it was reported that those responsible for the Flame and Stuxnet cyber-attacks ‘cooperated at least once’ in the early stages of their development, according to Russian security company Kaspersky Lab.
The new findings reveal that the teams shared source code of at least one module prior to 2010. “What we have found is very strong evidence that Stuxnet/Duqu and Flame cyber-weapons are connected,” said Alexander Gostev, Chief Security Expert at Kaspersky Lab.
The new found connection concerns a special module known as ‘Resource 207’ that was found in earliest known version of Stuxnet, created in 2009 but was later removed from the 2010 version. ‘Resource 207’ has a lot in common with the code used in Flame.
Resemblances include the names of mutually exclusive objects, the algorithm used to decrypt strings, and similar approaches to file naming. Furthermore, the primary function of ‘Resource 207’ was to distribute the Stuxnet infection from machine to another through removable USB drives. The code which is responsible for distribution of malware using USB drives is completely identical to the one used in Flame.
However despite the newly discovered facts, Mr Gostev remains confident that Flame and Stuxnet originate from completely different platforms, used to develop multiple cyber-weapons.
“They each have different architectures with their own unique tricks that were used to infect systems and execute primary tasks. The projects were indeed separate and independent from each other.”
A recent New York Times investigation has suggested that President Obama, in cooperation with the Israelis, has consistently ordered sophisticated cyber attacks on the computer systems that run Iran’s main nuclear enrichment facilities. The programme became public in the summer of 2010 due to a programming error and soon became known as Stuxnet.
Kaspersky Lab’s recent discovery of the link between Stuxnet and Flame opens the way for allegations that once again, the USA and Israel are behind a cyber attack on Iran. The Israeli government have distanced themselves from any such accusations despite an interview in which a minister appeared to back the attacks. The UN’s head of telecommunications Dr Hamadoun Toure labelled the New York Times investigation as ‘speculation’ whilst refuting any US responsibility for Flame.