Symantec reported the discovery of new malware named Regin whose main purpose “is intelligence gathering and it has been implicated in data collection operations against government organizations, infrastructure operators, businesses, academics, and private individuals.” On November 24, 2014 Symantec issued a report entitled “Regin: Top-tier espionage tool enables stealthy surveillance” which is a “back door-type Trojan, …a complex piece of malware whose structure displays a degree of technical competence rarely seen” which has “been used in systematic spying campaigns against a range of international targets since at least 2008.” The report identifies the following Regin infections by sector in these 10 countries Saudi Arabia, Russia, Pakistan, Afghanistan, India, Mexico, Ireland, Belgium and Austria:
48% Privacy individuals and small businesses
28% Telecoms backbones
Also Symantec stated that the “Regin infections have been observed in a variety of organizations between 2008 and 2011, after which it was abruptly withdrawn. A new version of the malware resurfaced from 2013 onwards.”
The New York Times reported:
The multi-staged design of the malware is akin to that of other espionage tools that security researchers believe were the work of nation states, notably Flame, Stuxnet and Duqu — three pieces of malware that were used to spy on computers in Iran and were believed to be a joint effort by the United States and Israel.
Back door Trojan malware is a reality of life, and businesses need to be vigilant to protect their systems and data.