Israel and the US jointly developed the Flame malware to slow Iran’s nuclear program, according to a report from the Washington Post.
Citing "Western officials with knowledge of the effort", the report claims that the malware secretly mapped and monitored Iranian computer networks, sending intelligence back to officials at the National Security Agency, the CIA, and the Israeli military.
Flame was first reported by Iran’s Computer Emergency Readiness Team (CERT), named MAHER, which believes it may lie behind “recent incidents of mass data loss” in the country. MAHER said that it tested 43 anti-virus products, and none were capable of discovering the threat. It was described by Kaspersky Labs as "one of the most complex threats ever discovered".
According to researchers, Flame is capable of recording audio through the infected PC’s microphone as well as ‘sniffing’ network traffic, taking screenshots and recording keystrokes. It then sends all the gathered information back to a command and control server.
The Washington Post story quotes Michael V. Hayden, a former NSA director and CIA director who left office in 2009, saying: "It is far more difficult to penetrate a network, learn about it, reside on it forever and extract information from it without being detected than it is to go in and stomp around inside the network causing damage."
The news comes on the heels of a report claiming that the Stuxnet computer virus was co-authored by the US and Israel, also citing anonymous sources. The Post cites officials familiar with matter in claiming that Flame is also a part of a cyber attack programme code-named "Olympic Games", begun in the early 2000s under president Bush.
In an analysis of both Stuxnet and Flame malware patterns, Kaspersky Labs concluded last week that Flame existed about a year before Stuxnet. The security firm believes that Stuxnet and Flame were developed by separate teams that worked together, and that Flame laid the groundwork for Stuxnet to ultimately destroy Iranian nuclear equipment.