Stuxnet and U.S. Linked to Flame Virus Development
Created: 2012-06-13 09:04 EST
Category: Science & Technology
A screen shot from Alexander Gostev’s blog post about his findings of Stuxnet and Flame module.
Malware codes Stuxnet and Flame both share a common module, changing the initial thinking that they were developed separately, researchers announced Monday.
Alexander Gostev, head of the Global Research and Analysis Team of the security firm Kaspersky Lab, presented the findings in a blog post.
Kaspersky Lab, which discovered Flame—widely heralded as the most advanced spy program known—found the “Resource 207” module in a 2009 version of Stuxnet. The data inside seems to be from an early Flame plugin.
This suggests programmers directly shared source code at least once.
Computer security giant Symantec Corp. later announced similar findings.
Both security firms declined to name the specific origin of the malware.
However, this revelation links the governments of both the United States and Israel to Flame.
The New York Times reported the countries’ involvement with developing Stuxnet, with U.S. President Barack Obama personally approving each successive cyber-attack.
In the report, officials suggest that Flame was not part of the "Olympic Games" program that birthed Stuxnet, but declined to comment on whether the US was behind the code as well.
With direct links to the production of two of the most advanced malicious codes known, it is clear that the United States is deeply engaged in cyber warfare.
Stuxnet is a computer worm discovered in 2009. It targeted an Iranian nuclear facility and was able to affect physical damage by altering centrifuge operations.
Flame, an advanced spyware discovered recently, originally seemed to be programmed completely separately from Stuxnet.
Even larger than Stuxnet in terms of size, the Flame code seems mainly designed to spy on targeted computers in Middle East and North African countries, such as Iran, Syria and Sudan.
Resource 207 was removed from later installments of Stuxnet, with its algorithms spread to other modules.