Computer security firm Symantec Corp on Monday said it uncovered stealthy software wielded as part of a years-long spying campaign, most likely by a nation state.
The malicious software, dubbed Regin, has a rare level of sophistication and has been targeting government agencies, telecoms, utilities, airlines, research facilities, private individuals and others since at least 2008, Symantec said.
Attacks on telecoms appeared aimed at getting access to calls being routed through networks.
“Regin is a highly complex threat which has been used in systematic data collection or intelligence gathering campaigns,” the Silicon Valley-based computer security firm said in a paper detailing the threat.
“The development and operation of this malware would have required a significant investment of time and resources, indicating that a nation state is responsible,” it said.
The news Web site The Intercept later on Monday reported that the malware appeared to be linked to US and British intelligence, and that it was used in attacks on EU government networks and Belgium’s telecom network.
The report, citing industry sources and a technical analysis of the malware, said Regin appears to be referenced in documents leaked by former US National Security Agency (NSA) contractor Edward Snowden about broad surveillance programs.
Asked about the report, an NSA spokeswoman said: “We are not going to comment on speculation.”
Symantec researchers found Regin infected a variety of organizations from 2008 to 2011, only to be withdrawn, though a new version of the malicious software appeared last year.
The largest number of infections discovered — 28 percent — was in Russia, and Saudi Arabia was second with 24 percent. Other countries where the malware was found included Mexico, Ireland, India, Afghanistan, Iran, Belgium, Austria and Pakistan. There were no reported infections in the US.
About half of all infections occurred at addresses belonging to Internet service providers, but Symantec said it believes the targets of these infections were customers of these companies rather than the companies themselves.
Telecom companies were also infected, apparently to gain access to calls being routed through their infrastructure, the report said.
Regin’s capabilities include letting hackers snap screen-shots, steal passwords, monitor network traffic, take files or tap into mobile telephone calls, researchers said.
The “backdoor-type Trojan” takes great measures to hide its presence as well as any data it is stealing, Symantec said.
“Regin’s developers put considerable effort into making it highly inconspicuous,” the report said. “Its low key nature means it can potentially be used in espionage campaigns lasting several years.”
Regin may have taken years to make, according to Symantec, which said the tool could be used for mass surveillance. The company did not indicate who it thought might be behind the cyberespionage tool.
Other security experts agreed this was a dangerous tool likely sponsored by a government.
“Regin is a cyberattack platform, which the attackers deploy in victim networks for total remote control at all levels,” a research report from Kaspersky Lab said.
Regin also appears to have infiltrated mobile communications through GSM networks, exposing “ancient” communication protocols used by cellphone networks, Kaspersky added.
Antti Tikkanen at Finland-based F-Secure called it “one of the more complex pieces of malware around,” and added that “our belief is that this malware, for a change, isn’t coming from Russia or China.”
SEEKING CLARITY: Washington should not adopt measures that create uncertainties for ‘existing semiconductor investments,’ TSMC said referring to its US$165 billion in the US Taiwan Semiconductor Manufacturing Co (TSMC, 台積電) told the US that any future tariffs on Taiwanese semiconductors could reduce demand for chips and derail its pledge to increase its investment in Arizona. “New import restrictions could jeopardize current US leadership in the competitive technology industry and create uncertainties for many committed semiconductor capital projects in the US, including TSMC Arizona’s significant investment plan in Phoenix,” the chipmaker wrote in a letter to the US Department of Commerce. TSMC issued the warning in response to a solicitation for comments by the department on a possible tariff on semiconductor imports by US President Donald Trump’s
‘FAILED EXPORT CONTROLS’: Jensen Huang said that Washington should maximize the speed of AI diffusion, because not doing so would give competitors an advantage Nvidia Corp cofounder and chief executive officer Jensen Huang (黃仁勳) yesterday criticized the US government’s restrictions on exports of artificial intelligence (AI) chips to China, saying that the policy was a failure and would only spur China to accelerate AI development. The export controls gave China the spirit, motivation and government support to accelerate AI development, Huang told reporters at the Computex trade show in Taipei. The competition in China is already intense, given its strong software capabilities, extensive technology ecosystems and work efficiency, he said. “All in all, the export controls were a failure. The facts would suggest it,” he said. “The US
The government has launched a three-pronged strategy to attract local and international talent, aiming to position Taiwan as a new global hub following Nvidia Corp’s announcement that it has chosen Taipei as the site of its Taiwan headquarters. Nvidia cofounder and CEO Jensen Huang (黃仁勳) on Monday last week announced during his keynote speech at the Computex trade show in Taipei that the Nvidia Constellation, the company’s planned Taiwan headquarters, would be located in the Beitou-Shilin Technology Park (北投士林科技園區) in Taipei. Huang’s decision to establish a base in Taiwan is “primarily due to Taiwan’s talent pool and its strength in the semiconductor
French President Emmanuel Macron has expressed gratitude to Hon Hai Precision Industry Co (鴻海精密) for its plan to invest approximately 250 million euros (US$278 million) in a joint venture in France focused on the semiconductor and space industries. On his official X account on Tuesday, Macron thanked Hon Hai, also known globally as Foxconn Technology Group (富士康科技集團), for its investment projects announced at Choose France, a flagship economic summit held on Monday to attract foreign investment. In the post, Macron included a GIF displaying the national flag of the Republic of China (Taiwan), as he did for other foreign investors, including China-based
RSS