30 May 2012

Experts say a government could be behind the ‘Flame worm’

Experts believe a computer worm that has collected information from computers across the Middle East is the creation of state-sponsored engineers.

The Flame worm has been detected in Iran, Israel and the Palestinian territories, Sudan, Syria and other Middle Eastern countries. There have been reports that it has reached Hungary.

Flame – which is also known as Skywiper – has drawn comparisons to the Stuxnet worm, a computer virus that disabled an Iranian nuclear facility.

It affects Windows computers, steals passwords and data and can turn on microphones to surreptitiously record conversations.

But experts believe the Flame is even stronger than Stuxnet and are warning that it could take 10 years to analyse the worm and its impact.

They are also grappling with the question of who created it and who it is targeted at.

John Leyden, security correspondent with The Register, said that nobody is sure who wrote it, but that it was too big to have been created by one person.

“Flame is a very complex piece of code,” he said. “It took a lot of work to put it together and it smells like a state-sponsored project.”

With some infections spotted in Iran and the West Bank, fingers have been pointed at Israel. But Mr Leyden said it is unlikely that we will ever know unless someone retires and admits to it.

While comparisons have been made with Stuxnet, Mr Leyden notes that the older worm was more precise, targeting “industrial controlled systems”, such as the type used in nuclear centrifugal plants.

In contrast, Flame has been found in university systems and even home computers.

“This is a carpet bomb, not a precision guided missile,” Mr Leyden noted. “This was designed to steal information, while Stuxnet was designed to sabotage things.”

Raj Samani, McAfee’s chief technology officer for Europe, the Middle East and Africa, said one of the concerns about this code was that it can be updated by its creators. “You can protect yourself, but the bad guys can still go and update it.”