Ad advanced software application that is highly malicious has just been uncovered. The malware since 2008 has been used to spy on governments, private companies, individuals and research institutes in 10 countries, said Symantec Corp a maker of antivirus software.
The Norton antivirus maker based in Mountain View, California said research it had done shows that a government was likely the entity that developed the malware that has been named Regin or the name Backdoor.Regin. However, Symantec did not release any names of countries or any possible victims.
Symantec said the design of Regin made it suited for long-term, persistent surveillance against its targets. It was withdrawn during 2011 but resurfaced against starting in 2013.
The malware used many stealth features and even when it was detected, it was very difficult to determine what it was doing, said Symantec officials.
The company said many of the Regin components remain undiscovered and more versions and functionality might exist.
Nearly 50% of all infections were at addresses of service providers of Internet, said the report. It said targets were clients of the service providers instead of the providers themselves.
Close to 28% of the targets in telecommunications while others were involved with energy, airline, research and hospitality, said Symantec.
The company described this malware as containing five separate stages, with each both encrypted and hidden with the first stage being the exception.
The antivirus software maker said each stage provides little data on the complete malware. Only through finding all five stages, can the threat be analyzed and understood.
Regin uses what is referred to as a modular approach, which allows the malware to load features that are customized to be tailor to its targets.
Cybersecurity is sensitive for businesses owners in the U.S., where several breaches have taken place in major companies and with retailers.
The government in the U.S. and private intelligence firms on the Internet have said they believed the hackers, which are state-backed, are in Russia or China.
Symantec said Saudi Arabia and Russia accounted for close to half of the confirmed Regin malware infections, while other countries where it was confirmed were Ireland, Mexico, Iran, India, Belgium Afghanistan, Pakistan and Austria.
This story was originally published by WKRB News (https://www.wkrb13.com) and is the sole property of WKRB News. If you are reading this article on another website, that means this article was illegally copied and re-published to this website in violation of U.S. and International copyright law. You can view the original version of this story at https://www.wkrb13.com/business/431346/spying-malware-since-2008-just-discovered.html