New Regin Spyware Found, Likely Created by a Government - The Washington Post

November 24, 2014

New Regin Spyware Found, Likely Created by a Government - The Washington Post

The Washington Post, By Ellen Nakashima

Cyber threat researchers say they have discovered an advanced piece of computer spyware that has been used for years in espionage campaigns against government agencies, telecoms and other businesses in countries such as Russia and Saudi Arabia.

The malware, which the security firm Symantec dubbed Regin, has been used since at least 2008, the firm said in a new report. Symantec researchers said they had no evidence tying the malware to a particular state, but said that it was “reminiscent of Stuxnet and Duqu” – two pieces of malware that were reportedly developed by the United States and Israel.

The software “provides its controllers with a powerful framework for mass surveillance,” said the report issued Sunday. Its sophistication and the resources required to develop it suggest it was created by a nation-state, the report said.

Infections were also found in Afghanistan, Pakistan, Iran, Mexico, India, Ireland and Belgium, the report said. No infections were found in the United States, Israel or Britain, which are three countries with highly developed cyber espionage capabilities.

One notable aspect of Regin is its ability to take control of a cellphone tower and listen in or reroute calls—even obtain cellphone location data, said Liam O’Murchu, a Symantec researcher. “We see telecoms targeted a lot by this” aspect of the malware, he said. Once the malware has taken hold, the hacker “has total control. They can do whatever they want,” he said.

The researchers say they have never seen malware with this capability before.

“The ability to penetrate and monitor [cellphone] networks is perhaps the most unusual and interesting aspect” of the malware, said Costin Rau, director of global research at Kaspersky Lab, which also detected Regin and reported on its findings in a blog post on Monday. He highlighted the risk of other hackers taking advantage of the capability to “launch different attacks against mobile users.” Read more.

About Kaspersky

Kaspersky is a global cybersecurity and digital privacy company founded in 1997. With over a billion devices protected to date from emerging cyberthreats and targeted attacks, Kaspersky’s deep threat intelligence and security expertise is constantly transforming into innovative solutions and services to protect businesses, critical infrastructure, governments and consumers around the globe. The company’s comprehensive security portfolio includes leading endpoint protection, specialized security products and services, as well as Cyber Immune solutions to fight sophisticated and evolving digital threats. We help over 200,000 corporate clients protect what matters most to them. Learn more at www.kaspersky.com.

New Regin Spyware Found, Likely Created by a Government - The Washington Post

New Regin Spyware Found, Likely Created by a Government - The Washington Post

About Kaspersky

Related Articles Press Releases

Kaspersky Lab Joins Forces with Merchant Risk Council to Help Combat eCommerce Fraud

Kaspersky Lab North America Recognized on CRN’s 2018 Security 100 List

Kaspersky Lab North America Releases its Inaugural Corporate Social Responsibility Report

Kaspersky Lab Appeals U.S. Department of Homeland Security Debarment

Poor Security Practices put Cloud-Driven Business Growth and Cost Savings at Risk

Kaspersky Lab Story of the Year 2017: More Than One Quarter of Ransomware Attacks Target Businesses

Kaspersky Lab Survey: IT Security Experts Uncertain on How to Combat Targeted Attacks

Kaspersky Lab Creates Pop-Up Shop Experience Using New Currency to Showcase the Value of Personal Data

Kaspersky Lab Enters Endpoint Detection and Response Market with New Solution

Kaspersky Lab North America Champions National Cyber Security Awareness Month 2017