Flame created by US and Israel to slow Iranian nuke program

1. #---------------------------------------------------------------------------------------------------------------------------#
2. # https://arstechnica.com/information-technology/2012/06/flame-malware-created-by-us-and-israel/ #
3. #---------------------------------------------------------------------------------------------------------------------------#
4. # Confirmed: Flame created by US and Israel to slow Iranian nuke program #
5. # Flame was developed by the NSA, CIA, and Israeli military, a new report says. #
6. # DAN GOODIN - 6/19/2012, 6:00 PM #
7. #---------------------------------------------------------------------------------------------------------------------------#
8. # IMG: https://cdn.arstechnica.net/wp-content/uploads/2012/06/flame1.png #
9. #---------------------------------------------------------------------------------------------------------------------------#
10. The United States and Israel jointly developed the Flame espionage malware to collect information that would be useful in disrupting Iran's nuclear program, the Washington Post reported, citing unnamed Western officials with knowledge of the operation.
11.  
12. While important, the report isn't entirely unexpected. Researchers said last week they had conclusive proof that developers of Flame collaborated with developers of Stuxnet, the highly sophisticated computer worm that targeted uranium enrichment operations in Iran's Natanz nuclear facility. A week before that, an in-depth article in the New York Times provided the first confirmation that Stuxnet was created by the US and Israel before they ultimately lost control of it. Flame was part of "Olympic Games," the same classified effort that spawned Stuxnet, Washington Post journalists Ellen Nakashima, Greg Miller, and Julie Tate reported Tuesday.
13.  
14. Still, the report is the first to cite unnamed officials saying Flame was jointly devised by personnel in the National Security Agency, the CIA, and Israel's military. As such, it has helped to flesh out details of what is believed to be the first sustained campaign of computer-aided sabotage of a US adversary. And like the confirmation that Stuxnet received the explicit backing from two US presidents, the latest confirmation could harm US interests by touching off a cyber-arms race and making it harder for US officials to argue against their use.
15.  
16. Flame came to light after Iranian engineers detected malware attacks targeting the country's oil refineries. According to Tuesday's report, "The disruption was directed by Israel in a unilateral operation that apparently caught its US partners off guard, according to US and Western officials, speaking on the condition of anonymity." The article goes on to say the episode was what prompted Iran to learn it was being targeted by Flame. "Some US intelligence officials were dismayed that Israel's unilateral incursion led to the discovery of the virus, prompting countermeasures," it stated.
17.  
18. The precise connection between Flame and the malware that targeted Iran's oil industry is still unknown.
19.  
20. Last week, researchers from Kaspersky Lab said a chunk of code found in an early version of Stuxnet contained the same fingerprints found in Flame. The binary from 2009 included an exploit of what was then an undocumented vulnerability in Microsoft's Windows operating system, a revelation that brings the number of zero-day security flaws targeted by Stuxnet to five. Kaspersky Lab expert Roel Schouwenberg speculated that Flame was a precursor to Stuxnet and was used as a "kick-starter" to get the latter project going.
21.  
22. Flame was a highly stealthy rootkit that used the work of world-class cryptographers and mathematicians to spread from machine to machine, even on hardened networks. After infecting a system, it manipulated microphones, cameras, and Bluetooth functions to spy on people in the immediate vicinity. It was also able to cross "air-gapped" networks which aren't connected to the Internet by stashing interception communication on USB drives. While other espionage programs have many of the same capabilities, Flame's sophistication was the ability to bundle all of this together in a 20-megabyte collection of binaries that worked seamlessly.
23.  
24. Stuxnet was a worm programmed to replicate on computers in Iranian enrichment facilities. Once in place, it caused malfunctions by forcing uranium centrifuges to spin too fast or too slow, while simultaneously reporting operations were running normally.