Regin, a top-tier espionage tool that enables stealthy surveillance, has been used to spy on governments, businesses, researchers and individuals since 2008, Symantec said in its official blog post today.
An advanced piece of malware, known as Regin, has been used in systematic spying campaigns against a range of international targets since at least 2008. A back door-type Trojan, Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen.
Customizable with an extensive range of capabilities depending on the target, it provides its controllers with a powerful framework for mass surveillance and has been used in spying operations against government organizations, infrastructure operators, businesses, researchers, and private individuals, Symantec said.
Regin infections were observed in a variety of organizations between 2008 and 2011, after which the malware was abruptly withdrawn. A new version of the malware resurfaced from 2013 onwards. Targets include private companies, government entities and research institutes. Almost half of all infections targeted private individuals and small businesses. Attacks on telecoms companies appear to be designed to gain access to calls being routed through their infrastructure.
The malware has also been very active in Saudi Arabia, accounting for 24 percent of all infections. Other nations mentioned by Symantec include Mexico, Ireland, India, Afghanistan, Iran, Belgium, Austria and Pakistan.
Regin’s developers put considerable effort into making it highly inconspicuous. Its low-key nature means it can potentially be used in espionage campaigns lasting several years. Even when its presence is detected, it is very difficult to ascertain what it is doing.
Symantec was only able to analyze the payloads after it decrypted sample files.
Regin has several “stealth” features. These include anti-forensics capabilities, a custom-built encrypted virtual file system (EVFS), and alternative encryption in the form of a variant of RC5, which isn’t commonly used. Regin uses multiple sophisticated means to communicate covertly with the attacker, including ICMP/ping, commands embedded in HTTP cookies, and custom TCP and UDP protocols.