Wall Street Journal says Flame was widespread through the Middle East and other parts of the world, but Iran was affected the most. It's at least the third time since 2010 Iran's been hit by hi-tech viruses (such as Stuxnet, Duqu and Wiper), disabling enrichment centrifuges, stealing data from nuke facilities and erasing oil ministry computers.
Experts at computer security firm Kaspersky say the aim of Flame was espionage, not damage or interruption. Flame was still active last Monday, but after Kaspersky went public, it immediately started shutting down to hide its source. By Tuesday, it was inactive.
Kaspersky said at least 20 specialists were needed to create/maintain Flame, suggesting it was sponsored by a nation-state: it wasn't economically feasible for a private corporation to run such a large-scale international cyberattack.
Flame is the biggest and most high-functioning cyberweapon ever discovered, 20X larger than Stuxnet and with 100X more code than a basic virus. Experts believe it fed back info to a central control network that constantly changed location. Analysts found servers around the world, but hadn't located the main server.
Iran said on Tuesday it was a victim of cyberwarfare by Israel and the US. The White House declined to comment. Israel neither confirmed nor denied, but an Iranian news site claims otherwise...
It's like a plot from a techno-spy thriller! Still, disrupting Iran's uranium enrichment programme by cyber-attack has gotta be better than Israel's option of choice, a pre-emptive military strike.