Kaspersky: Cyberweapons Flame and Stuxnet share code

Flame malware / cyberweapon

When word of the sophisticated Flame cyberweapon first came out a couple weeks ago, Russian security firm Kaspersky indicated that despite some superficial similarities, there was no indication Flame had much of anything in common with Stuxnet, a software weapon that specifically targeted Iran’s uranium-enrichment efforts and then escaped into the wild. Now, Kaspersky says it was wrong: The firm claims to have uncovered shared code that indicate the creators of Flame and Stuxnet at least worked together — and may even be the same people.

Flame has attracted considerable attention in security circles for its sophisticated architecture the enables attackers to install modules tailored to their interest in a particular systems. Various modules appear to perform “normal” malware tasks like scanning through users’ files and logging keystrokes; Flame modules have also been found that appear to take screenshots, turn on audio microphones to record audio, and even poll nearby Bluetooth devices for contacts and other information.

The evidence? Back when Stuxnet was roaming free, Kaspersky’s automated systems picked up on something that looked like a Stuxnet variant. When Kaspersky’s staff initially looked at it, they couldn’t really understand why their systems thought it was Stuxnet, assumed it was an error, and reclassified it under the name “Tocy.a.” When Flame, appeared, however, Kaspersky went back to look for things that might link Flame to Stuxnet — and, lo and behold, there the Tocy.a variant that didn’t make any sense. In light of Flame, Kaspsersky says Tocy.a actually makes more sense: it’s an early version of a plug-in module for Flame that implements what (at the time) was a zero-day privilege escalation exploit in Windows. Tocy.a wandered into Kaspersky’s systems all the way back in October 2010, and contains code that can be traced to 2009.

“We think it’s actually possible to talk about a ‘Flame’ platform, and that this particular module was created based on its source code,” wrote Kaspersky’s Alexander Gostev.

If Kaspersky’s analysis is correct, it would indicate the “Flame platform” was already up and running by the time the original Stuxnet was created and set loose back in early-to-mid 2009. The approximate dating is possible because the proto-Flame code only appears in the first version of the Stuxnet worm: It vanished from two subsequent versions of Stuxnet that appeared in 2010.

Kaspersky infers that the highly-modular Flame platform proceeded on a different development path from Stuxnet, meaning there were at least two development teams involved. But the present of that early version of a Flame module seems to indicate the Stuxnet developers had access to source code for a true zero-day Windows exploit that was (at that point) unknown to the broader security community. That means the two teams were pretty tight, at least at one point.

The New York Times has reported that Stuxnet was created as a cyberweapon by the United States and Israel in an effort to hample Iran’s uranium enrichment activities. Since the discovery of Flame and its subsequent analysis by computer security firms, Flame’s creators have apparently sent a “suicide” command to some Flame-infected systems in an effort to remove traces of the software.

Gaming

New ‘Battlefield V’ patch gives Nvidia’s ray tracing support a chance to shine

‘Battlefield V’ is the first game to use Nvidia’s ray tracing support, now available with the RTX 2080 and 2080 Ti graphics cards. The feature can, in an ideal scenario, make the game look better, but the performance hit may not be…
Movies & TV

The best shows on Netflix, from 'Haunting of Hill House’ to ‘Twilight Zone’

Looking for a new show to binge? Lucky for you, we've curated a list of the best shows on Netflix, whether you're a fan of outlandish anime, dramatic period pieces, or shows that leave you questioning what lies beyond.
Mobile

Upcoming Samsung Galaxy S10 models may have two, three, or even four rear lenses

While we still may be months away from an announcement, there's no doubt about it: Samsung is working hard on its successor to the Galaxy S9. Here's everything we know about the upcoming Samsung Galaxy S10.
Computing

Protect yourself from the latest malware with the best free antivirus software

Malware, spyware, and adware is never fun to find on your PC. Check out our picks for the best free antivirus software, so you can rid your system of any dangerous software that might be lurking around.
Computing

Changing file associations in Windows 10 is quick and easy with these steps

Learning how to change file associations can make editing certain file types much quicker than manually selecting your preferred application every time you open them. Just follow these short steps and you'll be on your way in no time.
Computing

Intel's dedicated GPU is not far off -- here's what we know

Did you hear? Intel is working on a dedicated graphics card. It's called Arctic Sound and though we don't know a lot about it, we know that Intel has some ex-AMD Radeon graphics engineers developing it.
Computing

Edit, sign, append, and save with six of the best PDF editors

There are plenty of PDF editors to be had online, and though the selection is robust, finding a solid solution with the tools you need can be tough. Here, we've rounded up best PDF editors, so you can edit no matter your budget or OS.
Computing

How to easily record your laptop screen with apps you already have

Learning how to record your computer screen shouldn't be a challenge. Lucky for you, our comprehensive guide lays out how to do so using a host of methods, including both free and premium utilities, in both MacOS and Windows 10.
Computing

From beautiful to downright weird, check out these great dual monitor wallpapers

Multitasking with two monitors doesn't necessarily mean you need to split your screens with two separate wallpapers. From beautiful to downright weird, here are our top sites for finding the best dual monitor wallpapers for you.
Computing

Capture screenshots with print screen and a few alternative methods

Capturing a screenshot of your desktop is easier than you might think, and it's the kind of thing you'll probably need to know. Here's how to perform the important function in just a few, easy steps.
Computing

These cheap laptops will make you wonder why anyone spends more

Looking for a budget notebook for school, work, or play? The best budget laptops, including our top pick -- the Asus ZenBook UX331UA -- will get the job done without digging too deeply into your pockets.
Mobile

Vanquish lag for good with the best routers for gaming

Finding the best routers for gaming is no easy task. With so many out there, how do you know which to pick? We've looked at the many options available and put together a list of our lag-free favorites.
Computing

Stop your PC's vow of silence with these tips on how to fix audio problems

Sound problems got you down? Don't worry, with a few tweaks and tricks we'll get your sound card functioning as it should, and you listening to your favorite tunes and in-game audio in no time.
Product Review

It's not the sharpest tool, but the Surface Go does it all for $400

Microsoft has launched the $400 Surface Go to take on both the iPad and Chromebooks, all without compromising its core focus on productivity. Does it work as both a tablet and a PC?