But there are hints in the code.

"There's no hard link that Flame did the [data deletion] damage, but there is a tenuous link," said O Murchu. "There are strings in the code that could be used to damage machines. Some of the strings do suicide, and it appears there is the possibility that it can not only erase itself, but also the entire machine."

"Suicide" in this context describes the practice of self-deletion, a tactic Flame seems to use once its controllers have gotten all they can from the infected Windows PC or the network it's attached to.

On Monday, Iran's National Computer Emergency Response Team, or CERT -- known by the name "Maher" -- had said much the same as O Murchu. In a statement released on its , Maher said, "The research on these samples implies that the recent incidents of mass data loss in Iran could be the outcome of some installed modules of this threat."

Today, Maher released a Flame seek-and-destroy tool that it said would delete the malware from PCs and networks. In the Monday statement, the center retroactively announced that it had issued a Flame detector in early May because existing antivirus software was unable to spot the malware.