Daily Israel Report

‘Flame’ Virus Designed to Steal Iranian-Russian Blueprints

The “Flame” virus is 20 times bigger than Stuxnet and was aimed at stealing blueprints, presumably of nuclear facilities.
By Tzvi Ben Gedalyahu
First Publish: 6/5/2012, 1:31 PM

Hackers (illustrative)
Hackers (illustrative)
Flash90

The “Flame” virus whose existence was revealed last week is 20 times bigger than Stuxnet and was aimed at stealing Iranian-Russian blueprints, presumably of nuclear facilities.

“Stuxnet was really unique because of its size, and this [Flame] is about 20 times bigger than Stuxnet,” Symantec official Kevin Haley, quoted by CNN, said at a cyber conference in Washington.

The attack, widely believed to have originated with Israeli-American cooperation, exploited a hole in Microsoft software that allowed the malware to be hidden in a program that appeared to have been manufactured by the computer giant.

Kaspersky Lab, a Russian firm that produces anti-virus software, said that the massive cyber attack was designed to steal designs and files. "I woke up to this news and I couldn't believe it. I had to ask, 'Am I reading this right?'" Kaspersky official Roel Schouwenberg told the Times of India.

Iran was the main victim of the attack, with 185 infections. There were 95 attacks in Israel, possibly aimed at the Palestinian Authority in Gaza as well as Judea and Samaria, 32 in Sudan and 29 in Syria.

Security experts said they were both surprised and impressed by the approach that the attackers had used, which was to disguise Flame as a legitimate program built by Microsoft.

Computer analysts have almost unanimously agreed that an unidentified nation launched the Flame virus.

“Researchers said that technical evidence suggests it was built on behalf of the same nation or nations that commissioned the Stuxnet worm that attacked Iran's nuclear program in 2010,” the Indian newspaper reported.