Those sources said the malware was developed by the National Security Agency, the Central Intelligence Agency and Israel’s military, although the agencies declined to comment.
Flame was surveillance malware and could record audio and keystrokes, and even contained Bluetooth functionality. It targeted computers in the Middle East, mainly Iran. Sources told the Washington Post that Flame paved the way for Stuxnet and was “about preparing the battlefield for another type of covert action.”
Stuxnet was responsible for damaging key parts of Iran’s oil sector in April, the country’s Computer Emergency Response Team told SC Australia, forcing the country’s main export terminal offline.
The revelations confirm existing suspicions that Flame and Stuxnet were developed by the same engineers, a notion first flagged by Kaspersky security analyst Alexander Gostev, who spotted shared code present in Flame and an early version of Stuxnet.
Last month, Israel’s vice prime minster failed to deflect suspicion about the nation’s involvement in the creation of Flame.
He told Army Radio that “whoever sees the Iranian threat as a significant threat is likely to take various steps, including these, to hobble it” adding that “Israel is blessed with high technology, and we boast tools that open all sorts of opportunities for us.”