U.S. cyber spies have allegedly hacked a string of computers inside the official residence of the President of the French Republic during the last days of Sarkozy’s tenure and have stolen confidential information by using the Flame malware.

The claim has been made on Tuesday by French paper L’Express, which says that the May attack begun with a simple social engineering trick: the attackers befriended workers at the Élysées Palace through Facebook and directed them towards a spoofed login page for the palace’s intranet.

Armed with the stolen credentials, they accessed the internal network and proceeded to compromise a number of computers, including the one belonging to Xavier Musca, Sarkozy’s secretary general.

The attackers then proceeded to infect the computers with Flame, which searched for information on the affected machines and sent it to the attackers.

Sarkozy’s computer was allegedly not affected because it was not connected to the network.

According to the paper and its internal sources, the French information security agency (ANSSI) was in charge of cleaning up the computer and securing the network after the breach, and it took them several days to do it.

They suspect the U.S. to be behind the attack because Flame is widely believed to be the brain-child of U.S. and Israeli researchers and because of the general sophistication of the attack.

The U.S. Embassy in Paris has reacted to the claims by saying that they “categorically refute the allegations.”

“We have no greater partner than France, we have no greater ally than France. We cooperate in many security-related areas,” U.S. Homeland Security secretary Janet Napolitano also chimed in, pointing out that Stuxnet had never been conclusively linked to the U.S. government.