Researchers suspect a government’s hand in major new malware ‘Regin’
It’s being described in terms similar to Stuxnet.
Researchers have uncovered a highly advanced, “top-tier” piece of malware that has targeted governments, businesses, and national infrastructure and is believed to have been created by a nation-state.
The malware, called “Regin,” was revealed in a blog post by software security company Symantec on Nov. 23. It has been used “in systematic spying campaigns against a range of targets” since at least 2008, and potentially as early as 2006.
The software exhibits “a degree of technical competence rarely seen,” and this sophistication has led Symantec to predict that its creator is likely a nation-state. Regin probably took months or even years to develop, the researchers said.
Customizable and almost impossible to detect due to its encrypted “multi-stage” nature, Regin usually targets governments, research institutes, infrastructure operators, and businesses, but it has also attacked individuals. “Attacks on telecoms companies appear to be designed to gain access to calls routed through their infrastructure,” Symantec reports.
The malware has also been adapted to infiltrate the systems of airlines and energy companies, and is capable of logging keystrokes, copying files off hard drives, accessing webcams, and monitoring network traffic.
Malware experts have already drawn parallels with Stuxnet, weaponized malware that degraded Iran’s nuclear capabilities in 2010 and is believed to have been created by Israel and the United States. Symantec, which discovered Stuxnet, suggested that the significance of Regin may be even greater, calling it “one of the main cyberespionage tools used by a nation state.”
Unlike Stuxnet, there is no sign that Regin was designed to damage computer systems. Its purpose appears to be purely to discreetly surveil targets, leaving almost no trace of its presence.
So who is behind this new malware? That’s not yet clear—no nation state is likely to claim responsibility for it—and in an interview with re/code, Symantec security researcher Liam O’Murchu declined to speculate about its origins.
One hint as to its origins comes from its targets: Of the 100 known infections, 52 percent originated in Saudi Arabia and Russia. Other infection sources include Mexico, India, Iran, Pakistan, Ireland and Afghanistan, reports re/code. Regin has not yet been detected in either China or the U.S.
Symantec’s researchers have not been able to figure out how Regin infects its targets, though the researchers speculate that it could work by spoofing websites. Only one method of infection, Yahoo Messenger, has been conclusively identified.
H/T BBC | Illustration by Rob Price
Rob Price is a technology and politics reporter who served as the U.K.-based morning editor for the Daily Dot until 2014. He now works as the news editor for Business Insider, and his work has appeared in Vice, Slate, the Washington Post, and the Independent.