Security researchers have just recently started studying the code making up Flame, the computer virus responsible for stealing data from Middle Eastern computers. They have already partially discovered who created the virus, and what its capabilities are.
Kaspersky Lab researchers believe Flame is part of a campaign sponsored by a state responsible for spying on and setting back the nuclear program of Iran last 2010.
According to Roel Schouwenberg, a Kaspersky Lab security researcher, “we believe Flame was written by a different team of programmers but commissioned by the same larger entity.” Schouwenberg would not say which state was responsible for sponsoring the digital attacks.
Flame is similar to other viruses that have attacked Iran recently. One of those earlier viruses, called Duqu, copied nuclear program blueprints off Iran. Another software, Stuxnet, is similar to Duqu in terms of source code fingerprints, which led researchers to conclude they came from the same set of programmers. Nobody knew who the programmers were, but they are likely to be from a joint effort between the United States and Israeli to impair Iran’s Nuclear Program.
Kaspersky Lab researchers think that Flame was built prior to or at the same time as Stuxnet and Duqu. Flame is similar to Duqu in the sense that it is for reconnaissance. It can take monitor screen shots, record IM and email chats, inspect network traffic and keystrokes, and remotely turn microphones on. However, it will take some time to learn more about Flame, since it contains twenty times as much code as Stuxnet, and has infected so much more computers than Duqu.