'Regin' malware described as 'groundbreaking and almost peerless'

Discussion in 'Technical' started by stg58, Nov 23, 2014.


  1. stg58

    stg58 Monkey+++ Site Supporter+ Founding Member

    "They said Regin has been discovered in at least 10 countries and was most heavily concentrated in Russia and Saudi Arabia. The United States was not among the countries listed by Symantec."

    Smells like an NSA et al. job.

    ......................................
    Experts don't know where it came from, and aren't quite sure what it does.
    But they do know this: a newly-uncovered cybersecurity threat appears to have been designed by a government, and is "groundbreaking and almost peerless."

    Regin, as they've dubbed it, is malware that has been lurking in computers for as long as six years, according to Symantec (SYMC, Tech30), the cybersecurity firm that produces Norton Antivirus.

    "Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state," Symantec said Sunday, explaining that "development took months, if not years, to complete."

    The researchers said little to answer several key questions: Who designed it? How widely has it spread? What has it scooped up? What are the risks?


    They said Regin has been discovered in at least 10 countries and was most heavily concentrated in Russia and Saudi Arabia.

    The United States was not among the countries listed by Symantec.

    Regin appears to have been aimed against particular individuals and small businesses. Some telecommunication companies were also targeted, apparently to spy on calls going through the phone networks. The software was also deployed in the hospitality and energy industries.

    Symantec said the malware conceals itself well and has several levels of protection. It uses multiple types of encryption, for example, and can communicate with the hacker that deployed it in several different ways.

    It also uses a "modular" structure that conceals deeper layers of the malware and makes it "very difficult to ascertain what it is doing," researchers said.

    In that respect, it is similar to the Stuxnet worm, which is widely believed to be a U.S.-designed weapon against the Iranian nuclear program. Iran is one of the 10 countries where Symantec says it found the Regin bug.

    "Its low key nature means it can potentially be used in espionage campaigns lasting several years," it wrote, and additional components likely "remain undiscovered."

    'Regin' malware described as 'groundbreaking and almost peerless' - Nov. 23, 2014
     
  2. VisuTrac

    VisuTrac Your mother wears army boots Site Supporter+++

    No chance for blowback on this one ... [pregnant]
     
  3. Motomom34

    Motomom34 Moderator Moderator Site Supporter++

    Sounds like it could have come from the US. And I agree with @VisuTrac's comment.
     
  4. kellory

    kellory An unemployed Jester, is nobody's fool. Banned

    My guess is, the latest round of hacks into our power grid, may be a response. "You hit me, I'll cripple you back"
     