Security researchers have just discovered "one of the most advanced pieces of malware ever created." Symantec researchers recently published their findings on a Trojan they named "Regin." Regin has been in use since at least 2008 and has only now been discovered. Researchers state the…
“It’s been cleverly designed to spy on computer systems around the world while leaving hardly a trace behind. The software’s authors have gone to great lengths to cover its tracks.” Regin uses multiple layers of encryption to hide spying activities. When researchers at Symantec found the malware, they had to decrypt an entire sample package of files to even get a general idea of what the malware was up to.
The malware has been primarily found on computers located in Russia and Saudi Arabia, though a smaller presence of Regin has been found in Mexico, Ireland, Afghanistan, Iran, Belgium, Austria, and Pakistan. Most infections have targeted internet providers and telecom companies for stealing
Symantec researchers believe Regin is likely the primary means of cyber espionage for the government that developed it. The Regin software itself is highly versatile, allowing different packages to be built into the payload that infects computers. The standard tools that Regin can add are: remote control of the mouse and keyboard, taking screenshots, recording keypresses and network activity, and recovering deleted files. Symantec researchers have noted that infiltrators could apply much more specialized customizations to Regin for the task of monitoring energy utility or telecom systems. Custom payloads for Regin are another sign of state-sponsored development. Regin’s campaign may date back as early as 2006. Given the highly complex and stealthy nature of the malware, researchers are almost certain that it was developed by a government.
This malware is designed for long-term espionage and is extremely difficult, if not impossible, for a standard computer user to detect. The fact that security experts have only now discovered it is a testament to the stealthy and sophisticated design of the malware.
Last modified: February 13, 2020 6:52 PM UTC