November 24th 2014
One of the most sophisticated items of malware ever discovered has been discovered by security researchers at computer security company Symantec.
Most victims of the bug – known as Regin – are located in Russia and Saudi, but those in other countries including Ireland and Mexico have also been targeted. These include government organisations, infrastructure operators, businesses, researchers and private individuals. Most were targeted between between 2008 and 2011, with a since decommissioned version reappearing 2013.
According to Symantec, judging by its level of sophistication, protracted development time and the precautions that developers have gone to conceal it, Regin was probably created by a nation state – which was not named. It has been used against a range of targets around the world for the last six years – stealing passwords, recovering deleted files and capturing screenshots.
Researchers wrote: "Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen. Customisable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organisations, infrastructure operators, businesses, researchers, and private individuals." The report continued: "Its design makes it highly suited for persistent, long term surveillance operations against targets."