'Regin' spy software snooping for years - Symantec

accreditation
Online privacy is a key issue for internet users. (Duncan Alfreds, Fin24)
Online privacy is a key issue for internet users. (Duncan Alfreds, Fin24)

San Francisco - Computer security firm Symantec on Monday said it uncovered stealthy software wielded as part of a years-long spying campaign, most likely by a nation state.

The malicious software, dubbed Regin, has a rare level of sophistication and has been targeting government agencies, telecoms, utilities, airlines, research facilities, private individuals and others since at least 2008, according to Symantec Corporation.

Attacks on telecom firms appeared aimed at getting access to calls being routed through networks.

"Regin is a highly complex threat which has been used in systematic data collection or intelligence gathering campaigns," the Silicon Valley-based computer security firm said in a paper detailing the threat.

"The development and operation of this malware would have required a significant investment of time and resources, indicating that a nation state is responsible."

Regin was found mainly in 10 countries, but more than half of infections discovered were in Russia and Saudi Arabia, according to Symantec researchers.

Regin's capabilities include letting hackers snap screen-shots, steal passwords, monitor network traffic, take files or tap into mobile telephone calls, researchers said.

The "backdoor-type Trojan" takes great measures to hide its presence as well as any data it is stealing, according to Symantec.

"Regin's developers put considerable effort into making it highly inconspicuous," the report said.

"Its low key nature means it can potentially be used in espionage campaigns lasting several years."

Regin may have taken years to make, according to Symantec, which said the tool could be used for mass surveillance.

Nearly half the infections discovered targeted small businesses and private individuals.

Researchers found Regin infected a variety of organisations from 2008 to 2011, only to be withdrawn, though a new version of the malicious software appeared last year.

Symantec did not indicate who it thought might be behind the cyber-espionage tool.

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For 14 free days, you can have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today. Thereafter you will be billed R75 per month. You can cancel anytime and if you cancel within 14 days you won't be billed. 
Subscribe to News24
Rand - Dollar
17.40
+0.0%
Rand - Pound
21.48
+0.1%
Rand - Euro
18.88
+0.1%
Rand - Aus dollar
12.25
+0.4%
Rand - Yen
0.13
-0.2%
Platinum
1,006.82
-0.7%
Palladium
1,641.73
-0.3%
Gold
1,921.61
-0.1%
Silver
23.61
+0.0%
Brent Crude
84.90
-2.1%
Top 40
74,344
0.0%
All Share
80,325
0.0%
Resource 10
77,934
0.0%
Industrial 25
102,701
0.0%
Financial 15
16,323
0.0%
All JSE data delayed by at least 15 minutes Iress logo
Company Snapshot
Editorial feedback and complaints

Contact the public editor with feedback for our journalists, complaints, queries or suggestions about articles on News24.

LEARN MORE
Government tenders

Find public sector tender opportunities in South Africa here.

Government tenders
This portal provides access to information on all tenders made by all public sector organisations in all spheres of government.
Browse tenders