Skip to main content

Flame code linked to Stuxnet virus, experts say

The Flame cyber-attack that targeted computers across the Middle East has been linked to the Stuxnet worm (opens in new tab), which is believed to have been orchestrated by the US and Israel to attack Iranian nuclear centres.

Speaking at the Reuters Global Media and Technology Summit on 11 June, Eugene Kaspersky, chief executive of the Russian security firm that bears his name and which discovered the Flame virus in May, said his team of researchers have found that Flame shares an almost identical piece of code with a 2009 version of Stuxnet.

Symantec has also been analysing Flame, seconded Kaspersky Lab's assertion regarding the malware's similarities to Stuxnet. A Symantec research manager confirmed that the two cyber weapons were built using shared source code.

"[T]here were two different teams working in collaboration," Kaspersky said, suggesting that the engineers who developed both viruses had access to the same code.

The highly complex Flame, which researchers have said bears marks of high-level cryptography (opens in new tab), was originally traced to Israel, after a high-level government official hinted that much. The country has since denied responsibility for the attack (opens in new tab), which has stolen data from PCs in Iran, Egypt and Sudan, among other countries.

Though no government or entity has so far taken credit for Flame, experts continue to believe that the virus shows signs of being a state-sponsored attack.