"It's difficult to say for certain because you never know who is behind these things, but all the indicators are that [Flame] was state-sponsored," said O Murchu, who cited the complexity of the malware, its size and multiple modules, and the apparent interest in Iran as reasons for his assumption.

Schouwenberg didn't disagree.

"The complexity of the malware, the size of the malware, the size of the operation, it would take very, very serious funding to pull this off," said Schouwenberg. "Flame [stole] a huge amount of data, and it couldn't be gone through with a few guys. It had to be a huge operation and involve a lot of people."

Traditional hacker groups are much leaner, and can't afford the manpower to create malware that results in massive amounts of information that must be organized, analyzed and acted upon.

"The manpower needed to do this would add to the entire operation's cost," Schouwenberg added.