SUBSCRIBE TO OUR FREE NEWSLETTER
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
5
#000000
#FFFFFF
To donate by check, phone, or other method, see our More Ways to Give page.
Daily news & progressive opinion—funded by the people, not the corporations—delivered straight to your inbox.
Symantec, which published a technical whitepaper on the malware Sunday, says it's likely "one of the main cyberespionage tools used by a nation state." (Photo: Grant Hutchinson/flickr/cc)
Security researchers have recently exposed a sophisticated new "military grade" malware program which is specifically targeting governments, academics and telecoms and, according to new reports, is suspected as being the handiwork of U.S. and British intelligence agencies.
According to security analysts with the Russian security firm Kaspersky Lab, which has been tracking the malware known as "Regin" for two years, the technology has two main objectives: intelligence gathering and facilitating other types of attacks.
Perhaps most notable, security researchers point out, is that none of the targets are based in either the U.S. or U.K. According to the Guardian, 28 percent of victims are based in Russia and 24 percent are based in Saudi Arabia. Ireland, with 9 percent of detected infections, has the third highest number of targets.
Since initial signs of the malicious software emerged in 2008, there have only been 100 or so victims uncovered globally. These include telecom operators, government institutions, multi-national political bodies, financial institutions, research institutions, and individuals involved in advanced mathematical/cryptographical research.
Described as highly complex, the malware works by disguising itself as Microsoft software and then stealing data through such channels as "capturing screenshots, taking control of the mouse's point-and-click functions, stealing passwords, monitoring the victim's web activity and retrieving deleted files," according to Guardian reporter Tom Fox-Brewster.
Mikko Hypponen, chief research officer at F-Secure, told Fox-Brewster that his firm does not believe Regin was made by Russia or China, "the usual suspects." According to Fox-Brewster, this leaves the U.S., U.K. or Israel as the "most likely candidates," an assumption that Symantec threat researcher Candid Wueest said was "probable."
On Monday, Intercept reporters Morgan Marquis-Boire, Claudio Guarnieri, and Ryan Gallagher published the first of an investigative series on Regin. Specifically, they note, Regin is the suspected technology behind both a GCHQ surveillance attack on Belgium telecom operator Belacom as well as an infection of European Union computer systems carried out by the National Security Agency. Both attacks were revealed last year through documents leaked by NSA whistleblower Edward Snowden.
On Sunday, Symantec was the first to report on the technology, publishing a technical whitepaper which described Regin as "a complex piece of malware whose structure displays a degree of technical competence rarely seen."
"Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state," the paper continues.
Dear Common Dreams reader, The U.S. is on a fast track to authoritarianism like nothing I've ever seen. Meanwhile, corporate news outlets are utterly capitulating to Trump, twisting their coverage to avoid drawing his ire while lining up to stuff cash in his pockets. That's why I believe that Common Dreams is doing the best and most consequential reporting that we've ever done. Our small but mighty team is a progressive reporting powerhouse, covering the news every day that the corporate media never will. Our mission has always been simple: To inform. To inspire. And to ignite change for the common good. Now here's the key piece that I want all our readers to understand: None of this would be possible without your financial support. That's not just some fundraising cliche. It's the absolute and literal truth. We don't accept corporate advertising and never will. We don't have a paywall because we don't think people should be blocked from critical news based on their ability to pay. Everything we do is funded by the donations of readers like you. Will you donate now to help power the nonprofit, independent reporting of Common Dreams? Thank you for being a vital member of our community. Together, we can keep independent journalism alive when it’s needed most. - Craig Brown, Co-founder |
Security researchers have recently exposed a sophisticated new "military grade" malware program which is specifically targeting governments, academics and telecoms and, according to new reports, is suspected as being the handiwork of U.S. and British intelligence agencies.
According to security analysts with the Russian security firm Kaspersky Lab, which has been tracking the malware known as "Regin" for two years, the technology has two main objectives: intelligence gathering and facilitating other types of attacks.
Perhaps most notable, security researchers point out, is that none of the targets are based in either the U.S. or U.K. According to the Guardian, 28 percent of victims are based in Russia and 24 percent are based in Saudi Arabia. Ireland, with 9 percent of detected infections, has the third highest number of targets.
Since initial signs of the malicious software emerged in 2008, there have only been 100 or so victims uncovered globally. These include telecom operators, government institutions, multi-national political bodies, financial institutions, research institutions, and individuals involved in advanced mathematical/cryptographical research.
Described as highly complex, the malware works by disguising itself as Microsoft software and then stealing data through such channels as "capturing screenshots, taking control of the mouse's point-and-click functions, stealing passwords, monitoring the victim's web activity and retrieving deleted files," according to Guardian reporter Tom Fox-Brewster.
Mikko Hypponen, chief research officer at F-Secure, told Fox-Brewster that his firm does not believe Regin was made by Russia or China, "the usual suspects." According to Fox-Brewster, this leaves the U.S., U.K. or Israel as the "most likely candidates," an assumption that Symantec threat researcher Candid Wueest said was "probable."
On Monday, Intercept reporters Morgan Marquis-Boire, Claudio Guarnieri, and Ryan Gallagher published the first of an investigative series on Regin. Specifically, they note, Regin is the suspected technology behind both a GCHQ surveillance attack on Belgium telecom operator Belacom as well as an infection of European Union computer systems carried out by the National Security Agency. Both attacks were revealed last year through documents leaked by NSA whistleblower Edward Snowden.
On Sunday, Symantec was the first to report on the technology, publishing a technical whitepaper which described Regin as "a complex piece of malware whose structure displays a degree of technical competence rarely seen."
"Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state," the paper continues.
Security researchers have recently exposed a sophisticated new "military grade" malware program which is specifically targeting governments, academics and telecoms and, according to new reports, is suspected as being the handiwork of U.S. and British intelligence agencies.
According to security analysts with the Russian security firm Kaspersky Lab, which has been tracking the malware known as "Regin" for two years, the technology has two main objectives: intelligence gathering and facilitating other types of attacks.
Perhaps most notable, security researchers point out, is that none of the targets are based in either the U.S. or U.K. According to the Guardian, 28 percent of victims are based in Russia and 24 percent are based in Saudi Arabia. Ireland, with 9 percent of detected infections, has the third highest number of targets.
Since initial signs of the malicious software emerged in 2008, there have only been 100 or so victims uncovered globally. These include telecom operators, government institutions, multi-national political bodies, financial institutions, research institutions, and individuals involved in advanced mathematical/cryptographical research.
Described as highly complex, the malware works by disguising itself as Microsoft software and then stealing data through such channels as "capturing screenshots, taking control of the mouse's point-and-click functions, stealing passwords, monitoring the victim's web activity and retrieving deleted files," according to Guardian reporter Tom Fox-Brewster.
Mikko Hypponen, chief research officer at F-Secure, told Fox-Brewster that his firm does not believe Regin was made by Russia or China, "the usual suspects." According to Fox-Brewster, this leaves the U.S., U.K. or Israel as the "most likely candidates," an assumption that Symantec threat researcher Candid Wueest said was "probable."
On Monday, Intercept reporters Morgan Marquis-Boire, Claudio Guarnieri, and Ryan Gallagher published the first of an investigative series on Regin. Specifically, they note, Regin is the suspected technology behind both a GCHQ surveillance attack on Belgium telecom operator Belacom as well as an infection of European Union computer systems carried out by the National Security Agency. Both attacks were revealed last year through documents leaked by NSA whistleblower Edward Snowden.
On Sunday, Symantec was the first to report on the technology, publishing a technical whitepaper which described Regin as "a complex piece of malware whose structure displays a degree of technical competence rarely seen."
"Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state," the paper continues.