Researchers Find Link Between Flame and Stuxnet
June 11, 2012Security researchers said on Monday that they have found a direct link between the Stuxnet worm and the more-recently-discovered Flame espionage malware, indicating that the two teams cooperated and collaborated.
“We’re very confident that the Flame team shared some of their source code with the Stuxnet group,” Roel Schouwenberg, a senior researcher with the Moscow-based Kaspersky Lab, said in an online presentation about the company’s findings, according to a report in Computerworld. “It’s conclusive proof that the two worked together, at least once.”
Stuxnet, a powerful cyber weapon that crippled parts of Iran’s nuclear fuel enrichment effort, was first discovered in mid-2010, but researchers later traced its first variant, and first attack, to June 2009, the report said.
Most researchers agree that Flame goes back at least to 2010. According to Kaspersky, its analysis shows that Flame harks back to no later than the summer of 2008, perhaps earlier.
The two pieces of malware each included a module that appears to originate from the same source code, likely written by a single programmer. That module was used to infect Windows PCs through USB flash drives and exploited a vulnerability that was patched in June 2009, said Kaspersky.
Kaspersky dug into its detection logs last week to look for possible evidence of a link between Flame and Stuxnet, and found one.
“Flame was a kick-starter,” Schouwenberg said, explaining the use of the code similar to both Stuxnet and Flame. “In 2010, the Stuxnet group removed that [module], and each team went their separate ways.”
Samples of Flame found by researchers last month contained the same code. Differences are small but still significant, because they show that the Flame authors — who did their work before Stuxnet’s makers by Kaspersky’s timeline, probably shared the source code of the module, not just an executable file.
“[Flame's developers] shared their intellectual property with Stuxnet, which is huge news,” said Schouwenberg. “In any kind of software endeavor, you don’t share your source code with just anyone. Source code is your ultimate possession. It’s your source of income, actually. So we’re really quite sure that the Flame team had to have approved the sharing of the code.”
Previously, Kaspersky and other security firms had said that the evidence showed the two groups were funded by the same organization. The latest revelation proves that, and more, Schouwenberg said.
“This shows that the Flame and Stuxnet operations were parallel projects,” he said. “And now we’re 100% sure that they worked together.”
Flame struck at least 600 specific computer systems in Iran, Syria, Lebanon, Egypt, Sudan, Saudi Arabia and the Palestinian Authority.
Kaspersky said the Flame virus was “about 20 times larger than Stuxnet,” and said it was a “cyber-espionage worm” designed to collect and delete sensitive information, primarily in Middle Eastern countries. Experts said it was aimed at stealing Iranian-Russian blueprints, presumably of nuclear facilities.
Iran later admitted that its oil industry was briefly affected by Flame, but claimed that Iranian experts had detected and defeated the virus.
U.S. computer security researchers said on Sunday that Flame has gotten orders to vanish, leaving no trace.
Anti-virus company Symantec said in a blog post that late last week that some Flame “command-and-control servers sent an updated command to several compromised computers.”
“This command was designed to completely remove (Flame) from the compromised computers,” said the statement.
Article source: http://www.israelnationalnews.com/News/News.aspx/156777
Similar posts
-
The 50 Most Influential Jews in the World for 2013
May 17, 2013The 50 most influential Jews in the world according to the Jerusalem Post: 1. Yair Lapid 2. Jack...
-
Amy Winehouse Exhibit at Jewish Museum in London
May 12, 2013Late UK pop star Amy Winehouse is to have an exhibition dedicated to her life and career at the ...
-
5 Famous Christmas Songs Written by Jewish Songwriters
May 12, 20131. "White Christmas" - While there are more than five Christmas carols written by Jewish songwriter...
-
Israel is Finding the Keys to Long Life
May 12, 2013The field of biogerontology began in Israel, and recently world experts gathered here to compare the...
-
Gwyneth Paltrow: World's Most Beautiful Woman 2013, Jewish
May 12, 2013With cinema fans excitedly awaiting the release of Iron Man 3 - dubbed the film of the season --...
-
Parody of FBI Investigating Motive of the Bombers
May 12, 2013This skit is performed by Latma. The politically correct FBI just can't figure out the motive of t...
-
Pictures of Israeli Female Soldiers
May 12, 2013There is no doubt that the most beautiful, courageous, and intelligent female soldiers in the world ...
-
Israel: 100 Years in a Flash
May 4, 2013This short video celebrates Israel Independence Day and the miracle of Israel.
One comment on “Researchers Find Link Between Flame and Stuxnet”
Leave a Reply
You must be logged in to post a comment.
My family always say that I am killing my time here at web, however I know
I am getting know-how everyday by reading such nice articles or reviews.