'Regin' Spy Malware is Significant Threat, Symantec Says

A malicious surveillance application that has been watching companies and victims in 10 countries has been uncovered, Symantec reported in a white paper released Sunday.

The tool, called "Regin," has been spying on governments, companies and individuals since 2008, Symantec reports.

Symantec, based in Mountain View, Calif., said the malware developer was most likely a "nation-state," but declined to identify the victims of the surveillance or possible developer, according to Reuters.

Symantec is considered a leading anti-virus software creator and its top software is Norton.

The report indicates that Regin uses custom encryption that makes it inconspicuous and when it is running it is hard to detect what it is doing.

"The main purpose of Regin is intelligence gathering and it has been implicated in data collection operations against government organizations, infrastructure operators, businesses, academics, and private individuals," Symantec reports. "The level of sophistication and complexity of Regin suggests that the development of this threat could have taken well-resourced teams of developers many months or years to develop and maintain."

Last month, Symantec announced it would split into two public companies by the end of 2015 with one company focusing on data storage and the other on security.

In the United States, cyber security has been a sensitive topic as many corporations have been hacked and customer and employee information has been compromised.

The report indicates that nearly half of the Regin's victims are customers of Internet service providers, including hospitality, airline, energy and research companies and almost one-third of the victims were telecom companies.

Countries that have been victimized include Russia and Saudi Arabia, where half the infections occurred but other countries affected include Afghanistan, Austria, Belgium, India, Iran, Ireland, Mexico and Pakistan.

The malware is similar to Weevil and Flamer in approach, but also has traits of Duqu and Stuxnet discovered in 2011 and 2010 respectively, Symantec reported.

Tags
Symantec, Surveillance, Virus
Real Time Analytics