Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

Creepy 'Regin' spy cyberweapon reminds researchers of Stuxnet

John E Dunn | Nov. 26, 2014
Symantec and Kaspersky Lab have discovered another cyber-surveillance tool of the sort countries use to spy on each other. Called ‘Regin' by Symantec, it's attracting a lot of attention because it is reminiscent of complex tools such as Duqu and Struxnet.

In conclusion, there is no smoking gun that connects Regin to Stuxnet or any other suspected US or Israeli programmes but the mere fact it has been meticulously written to hide its origins is odd enough on its own.

The Chinese write aggressive malware, more recently-discovered Russian malware has a paranoiac flair, but only US code is supernaturally complicated and inscrutable. As one security expert once described a US cyberweapon to Techworld off the record, "It could have been written in Narnia."

"Regin appears to be a very sophisticated piece of software. Unlike many other forms of malware that are designed for one job, this particular piece can adapt to many different jobs that include intelligence gathering, granting remote access or even taking screenshots," said Mark James of security firm, ESET.

"Regin almost certainly has been used for very large scale data gathering. It's taken a lot of resources to create and most probably will have many variants both waiting to be released and in the wild already. We would be naive to think that there aren't other very similar complex pieces of malware out there undetected, quietly sitting on hardware gathering data and sending it back for intelligence and malicious means."


Previous Page  1  2 

Sign up for CIO Asia eNewsletters.