Symantec, an American computer software company, announced Sunday, in France, that it had discovered malware that has been operational since 2008 and whose technical complexity suggests that its development was at least supervised by the intelligence services of a state. This malware, called “Regin”, is a highly sophisticated Trojan that monitors selected targets with the utmost discretion.
“Symantec teams discovered security holes in ten countries, primarily Russia and then Saudi Arabia, which account for about a quarter of infections,” Candid Wueest, a researcher working for the company, which specializes in software, told AFP.
The other affected countries, in order of importance, are Mexico and Ireland, followed by India, Afghanistan, Iran, Belgium, Austria and Pakistan. Unlike other malware such as “Stuxnet”, which targeted uranium enrichment centrifuges in Iran, “Regin” is meant to collect different types of data and not to sabotage an industrial control system.
Its complexity implies a design phase that lasted several months, even years, and that required a significant financial investment. “The time and resources used show that a state is responsible,” Candid Wueest asserted. The developers went to great lengths to make the malware as discreet as possible, allowing it to be used in persistent espionage missions of very long duration. The malware also uses non-standard and unusual techniques as a means of stealth. For example, it has a custom-built encrypted virtual file system. Symantec believes that many components of Regin remain undiscovered.
Targets include companies, NGOs and research institutes. “It has been spotted in areas such as hospitality and aviation and, for example, could serve its instigators to inquire about the arrival and departure of certain persons,” said the Symantec expert. “Regin” can capture screenshots, take control of the mouse and cursor, steal passwords, monitor network traffic and recover deleted files. “Even if it comes to be identified, it is extremely difficult to decide what it does,” notes Candid Wueest.