A sophisticated piece of malware known as “Regin” has been spying on government organizations, infrastructure operators, businesses, researchers and private individuals since at least 2008. The backdoor-type Trojan is said to display a degree of technical competence rarely seen and would have required a significant investment of time and resources to create according to Symantec. The design of the malware makes it suitable for long-term surveillance operations against a range of international targets and can even be customized with a range of capabilities depending on the target.
Computer security researchers at Symantec say they have discovered a sophisticated piece of malware circulating the world that appears to be used for spying at Internet service and telecommunications companies, and was likely created by a government agency. And while its origin is unclear, a short list of capable countries would include the U.S., Israel and China. The research, published today, comes from the same team at Symantec that four years ago helped discover and ferret out the capabilities of Stuxnet, the world’s first digital weapon. It is believed to have been created by the combined efforts of the U.S. and Israel and used to sabotage the Iranian nuclear research program. The team has dubbed this newly found Trojan “Regin” according to a Symantec blog post, and they are describing it as a “complex piece of malware whose structure displays a degree of technical competence rarely seen.” They say the tool has an “extensive range of capabilities” that provides the people controlling it with “a powerful framework for mass surveillance.” The researchers said Regin has been used in what appears to be an ongoing spying operation that started in 2008, stopped suddenly in 2011, and then resumed in 2013.