New Malware Called ‘Regin’ Targets Firms in at Least 10 Countries

By Andrea Wong | November 24, 2014

An unidentified nation may have developed a “highly complex” surveillance tool that targeted companies and other victims in at least 10 countries including Russia and Mexico, Symantec Corp. researchers said.

The tool, a malware dubbed “Regin,” has been been used in intelligence gathering since at least 2008, according to a report today from Symantec, the biggest maker of security software. While almost half of the infections affected individuals and small companies, the malware also targeted the telecommunications and hospitality industries, Symantec said. Governments and research institutes were also among the victims.

“Regin is a complex piece of malware whose structure displays a degree of technical competence rarely seen,” the Mountain View, California-based company said on its blog today. “Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.”

Regin features anti-forensics capabilities and a custom- built encrypted virtual file system that make the software highly inconspicuous, according to the report.

Russia and Saudi Arabia were the two most frequently targeted countries, followed by Mexico, Ireland, India, Afghanistan, Iran, Belgium, Austria and Pakistan, Symantec said.

Symantec, best known among consumers for its Norton antivirus software, announced Oct. 10 that it will break into two publicly traded companies by the end of 2015, one focused on cyber-security and the other data storage. The split will unwind Symantec’s acquisition of data-storage maker Veritas Software Corp. for $10.2 billion in 2005.

Was this article valuable?

Here are more articles you may enjoy.