MOSCOW – Security experts have discovered a highly sophisticated computer virus in Iran and the Middle East that they believe was deployed at least five years ago to engage in state-sponsored cyber espionage.
Responsibility for discovering the virus, which has been dubbed ‘Flame', was claimed by Russian cyber security software-maker Kaspersky Lab.
Kapersky said evidence suggested that it may have been built on behalf of the same nation, or nations, that commissioned the Stuxnet worm that attacked Iran‘s nuclear program in 2010.
Kaspersky researchers say they have yet to determine whether Flame had a specific mission like Stuxnet, and declined to say who they think built it.
Iran has accused the US and Israel of deploying Stuxnet.
Cyber security experts said the discovery provided new evidence that nations have been using pieces of malicious computer codes as weapons to promote their security interests for several years.
"This is one of many, many campaigns that happen all the time and never make it into the public domain," Alexander Klimburg, a cyber security expert at the Austrian Institute for International Affairs, said.
A cyber security agency in Iran said on its website that Flame bore a "close relation" to Stuxnet, the notorious computer worm that attacked that country‘s nuclear program in 2010 and is the first publicly known example of a cyber weapon.
Iran's National Computer Emergency Response Team also said Flame might be linked to recent cyber attacks that officials in Tehran say were responsible for massive data losses on some Iranian computer systems. Kaspersky Lab said it discovered Flame after a UN telecommunications agency asked it to analyse data on malicious software across the Middle East in search of the data-wiping virus reported by Iran.
Experts at Kaspersky Lab and Hungary‘s Laboratory of Cryptography and System Security who spent weeks studying Flame said they have yet to find any evidence that it could attack infrastructure, delete data or inflict other physical damage.
But they said they were in the early stages of their investigations and could discover other purposes beyond data theft.
It took researchers months to determine the key mysteries behind Stuxnet, including the purpose of modules used to attack a uranium enrichment facility at Natanz, Iran.