When it was discovered in 2012, security researchers didn't exactly use the term "malware" to describe Flame. At the time, Flame was so advanced that they used the term "attack toolkit" to describe its structure, which somewhat resembles its big brother, Regin.

Just like the aforementioned, Flame is a collection of modules that work on top of the Flame framework, and are deployed based on what features operators need.

It was discovered in 2012 by the MAHER Center of Iranian National CERT in attacks against the country's government agencies. The discovery came two years after the Stuxnet malware attacks, and were quickly linked to the Equation Group, a codename for the US NSA. It was later discovered in attacks against other Middle East government as well. Currently, Flame's Wikipedia page holds the best summary of all Flame-related discoveries.