Computer security firm Symantec Corp on Monday said it uncovered stealthy software wielded as part of a years-long spying campaign, most likely by a nation state.
The malicious software, dubbed Regin, has a rare level of sophistication and has been targeting government agencies, telecoms, utilities, airlines, research facilities, private individuals and others since at least 2008, Symantec said.
Attacks on telecoms appeared aimed at getting access to calls being routed through networks.
“Regin is a highly complex threat which has been used in systematic data collection or intelligence gathering campaigns,” the Silicon Valley-based computer security firm said in a paper detailing the threat.
“The development and operation of this malware would have required a significant investment of time and resources, indicating that a nation state is responsible,” it said.
The news Web site The Intercept later on Monday reported that the malware appeared to be linked to US and British intelligence, and that it was used in attacks on EU government networks and Belgium’s telecom network.
The report, citing industry sources and a technical analysis of the malware, said Regin appears to be referenced in documents leaked by former US National Security Agency (NSA) contractor Edward Snowden about broad surveillance programs.
Asked about the report, an NSA spokeswoman said: “We are not going to comment on speculation.”
Symantec researchers found Regin infected a variety of organizations from 2008 to 2011, only to be withdrawn, though a new version of the malicious software appeared last year.
The largest number of infections discovered — 28 percent — was in Russia, and Saudi Arabia was second with 24 percent. Other countries where the malware was found included Mexico, Ireland, India, Afghanistan, Iran, Belgium, Austria and Pakistan. There were no reported infections in the US.
About half of all infections occurred at addresses belonging to Internet service providers, but Symantec said it believes the targets of these infections were customers of these companies rather than the companies themselves.
Telecom companies were also infected, apparently to gain access to calls being routed through their infrastructure, the report said.
Regin’s capabilities include letting hackers snap screen-shots, steal passwords, monitor network traffic, take files or tap into mobile telephone calls, researchers said.
The “backdoor-type Trojan” takes great measures to hide its presence as well as any data it is stealing, Symantec said.
“Regin’s developers put considerable effort into making it highly inconspicuous,” the report said. “Its low key nature means it can potentially be used in espionage campaigns lasting several years.”
Regin may have taken years to make, according to Symantec, which said the tool could be used for mass surveillance. The company did not indicate who it thought might be behind the cyberespionage tool.
Other security experts agreed this was a dangerous tool likely sponsored by a government.
“Regin is a cyberattack platform, which the attackers deploy in victim networks for total remote control at all levels,” a research report from Kaspersky Lab said.
Regin also appears to have infiltrated mobile communications through GSM networks, exposing “ancient” communication protocols used by cellphone networks, Kaspersky added.
Antti Tikkanen at Finland-based F-Secure called it “one of the more complex pieces of malware around,” and added that “our belief is that this malware, for a change, isn’t coming from Russia or China.”
purpose: Tesla’s CEO sought to meet senior Chinese officials to discuss the rollout of its ‘full self-driving’ software in China and approval to transfer data they had collected Tesla Inc CEO Elon Musk arrived in Beijing yesterday on an unannounced visit, where he is expected to meet senior officials to discuss the rollout of "full self-driving" (FSD) software and permission to transfer data overseas, according to a person with knowledge of the matter. Chinese state media reported that he met Premier Li Qiang (李強) in Beijing, during which Li told Musk that Tesla's development in China could be regarded as a successful example of US-China economic and trade cooperation. Musk confirmed his meeting with the premier yesterday with a post on social media platform X. "Honored to meet with Premier Li
ARTIFICIAL INTELLIGENCE: The chipmaker last month raised its capital spending by 28 percent for this year to NT$32 billion from a previous estimate of NT$25 billion Contract chipmaker Powerchip Semiconductor Manufacturing Corp (力積電子) yesterday launched a new 12-inch fab, tapping into advanced chip-on-wafer-on-substrate (CoWoS) packaging technology to support rising demand for artificial intelligence (AI) devices. Powerchip is to offer interposers, one of three parts in CoWoS packaging technology, with shipments scheduled for the second half of this year, Powerchip chairman Frank Huang (黃崇仁) told reporters on the sidelines of a fab inauguration ceremony in the Tongluo Science Park (銅鑼科學園區) in Miaoli County yesterday. “We are working with customers to supply CoWoS-related business, utilizing part of this new fab’s capacity,” Huang said, adding that Powerchip intended to bridge
Dutch brewing company Heineken NV on Friday announced an investment of NT$13.5 billion (US$414.62 million) over the next five years in Taiwan. The first multinational brewing company to operate in Taiwan, Heineken made the statement at a ceremony held at its brewery in Pingtung County. It also outlined its efforts to make the brewery “net zero” by 2030. Heineken has been in the Taiwanese market for 20 years, Heineken Taiwan managing director Jeff Wu (吳建甫) said. With strong support from local consumers, the Dutch brewery decided to transition from sales to manufacturing in the country, Wu said. Heineken assumed majority ownership and management rights
Microsoft Corp yesterday said that it would create Thailand’s first data center region to boost cloud and artificial intelligence (AI) infrastructure, promising AI training to more than 100,000 people to develop tech. Bangkok is a key economic player in Southeast Asia, but it has lagged behind Indonesia and Singapore when it comes to the tech industry. Thailand has an “incredible opportunity to build a digital-first, AI-powered future,” Microsoft chairman and chief executive officer Satya Nadella said at an event in Bangkok. Data center regions are physical locations that store computing infrastructure, allowing secure and reliable access to cloud platforms. The global embrace of AI