Symantec Discovers Spy Malware Targeting Countries and Individuals

By CIOReview | Tuesday, November 25, 2014

FREMONT, CA: Symantec has announced that it has discovered an advanced malicious software application, developed by a ‘nation state’, that has spied on private companies, governments, research institutes, and individuals in ten countries. Countries such as Russia and Saudi Arabia have been predominantly affected, while other countries, including Iran, India, Belgium, Austria, Ireland, Mexico, Afghanistan, and Pakistan, have also seen infections.

Called Regin or Backdoor, this malware has five stages, each of which is hidden and encrypted except the first. The threat can be fully understood only after acquiring all five stages of the malware. It takes a modular approach, enabling it to load custom features tailored to targets.

Sectors such as energy, airlines, hospitality, and research were affected, with telecom being the worst hit. A sizeable number of infections happened at ISP addresses. The Symantec report further said that this malware had been active since 2008; it was withdrawn in 2011 but appeared once again from 2013 onwards. Regin is built for long-term surveillance operations against targets, said the report.