Researchers at the computer security company Symantec have identified a piece of cyber espionage malware. Traces of the sophisticated malware, called ‘Regin’, date back to at least 2008.
On Sunday, Symantec published a report and a blog post detailing the Regin malware, which it described as a powerful and customizable cyber espionage tool. Symantec discovered more than 100 infected entities, half of which were situated in Russia and Saudi Arabia. It is believed that ten countries were involved in the malware's attacks: besides Saudi Arabia and Russia, these include Iran, Ireland, Belgium, Austria, Mexico, Pakistan, India and Afghanistan.
What’s even more disturbing about Regin is that it “lived” for at least six years before anyone was finally able to detect it. The malware mainly targeted individuals and small business owners. Because it is highly customizable, it was set up to gather only specific kinds of information from its victims.
It took Symantec almost a year to publish the report because the malware was so difficult to analyze. Regin has five different stages, and decrypting each stage depends on the stage before it.
Although the entities affected by Regin have been traced, it is not known how they were infected in the first place. The researchers have established the infection route for only one of the computers: Yahoo’s Messenger program. It is believed that the malware used social engineering, tricking the user into clicking an infected link. However, given the complexity of the malware, it is more likely that Regin found a weakness in the program's software and used it to infect the computer without any interaction from the user.
“The threat is very advanced in everything it does on the computer. We imagine these attacks have quite advanced methods for getting it installed,” said Liam O’Murchu, member of the Symantec research team, during a phone interview on Sunday.
Experts at Symantec suspect that the Trojan-like malware was probably created by a government as a surveillance tool, since it took its developers “months, if not years” to create. No data has been released about which operating systems are more susceptible to the malware.
However, if Regin’s purpose is actually spying on anyone from governments to private individuals, the questions “Why?” and “Who?” remain unanswered.