If up until now security researchers haven’t been able to find any direct connection between the new Flame and Stuxnet, further analysis has demonstrated that they’re very much related to each other, or at least they have been at some point in time.
Initially, experts didn’t consider the two pieces of malware related because Stuxnet (and Duqu) were created based on the Tilded platform, while Flame was not.
However, as it turns out, a particular component from Flame was used by Stuxnet to infect Iranian computers back in 2009.
Kaspersky researchers reveal that Flame was developed no later than the summer of 2008, while Stuxnet only emerged in the first half of the next year.
They assume that two independent teams have been building their own malware since 2007-2008, but in 2009 the creators of Stuxnet borrowed a little something from Flame called “resource 207.”
Resource 207 was a component that allowed Stuxnet to spread to USB drives via the infamous autorun.inf file. It also allowed it to exploit a zero-day in win32k.sys to escalate its privileges.
Further analysis has shown that “resource 207” is actually an encrypted DLL that contains a portable executable file which is actually a Flame plugin.
Read more: http://news.softpedia.com/news/Kaspersk ... 4905.shtml