Tricky Regin malware poses biggest threat outside US The hard-to-detect malware is a Swiss Army knife of clandestine tools to extract information from targets in non-English speaking countries, experts say. News of the latest advanced malicious software threat called Regin comes with a silver lining. The good news is most people in the English-speaking world wont have to worry about it. The bad news? Everyone else does. Pronounced region, the malware is a cyber-espionage tool built to steal the secrets of many foreign governments and businesses, said a report published Sunday by security specialist Symantec. Regin avoids detection with a specialized design as it ferrets out critical information. Its been used since 2008 to infiltrate email databases, monitor network traffic, steal passwords, snag screenshots and record mouse clicks. Once you are a target its been proven to be very effective, said Joost Bijl of Fox IT, a Dutch computer security company hired by Belgian telecommunications firm to remove its Regin from its systems. International espionage has entered the 21st century through viruses, malware and other targeted pieces of software designed to steal state secrets and break computers. Stuxnet, a powerful program said to have been created by the United States and Israel, is believed to have damaged some of Irans nuclear ambitions, thanks to the use of a simple USB drive. The conflict that has followed is fierce. Armies of government-sponsored hackers have attacked computer systems all over the world, using a variety of software tools at their disposal. Regin could represent a new, more advanced wave, something Symantec called groundbreaking and almost peerless in its report. Why is it so special? Who it targets, and who it doesnt. While many of the documents leaked by National Security Agency contractor Edward Snowden last year point to espionage committed against the closest of US allies, Regin appears to have spared five English-speaking countries: The US, the United Kingdom, Australia, New Zealand and Canada. Among the countries where researchers detected infections were Germany, Russia, Saudi Arabia, Syria, Brazil, Belgium, Mexico, India, and Ireland. While the advanced nature of Regin makes it hard to detect and resistant to forensic analysis, its not likely to filter down to affect the average Internet user -- even in targeted countries. Regin is aimed at telecommunications firms, critical infrastructure providers and businesses. Those companies and government agencies should make sure they encrypt their data and communications so only authorized people can read them, said Symantec researcher Vikram Thakur. Also, he said employees should be judicious about which emails they read. Dont just open up every free coupon that shows up in your email. Despite the risks to businesses likely to be targeted by Regin, theres little concern its advanced design will find its way into the hands of cyber-criminals who target consumers identities, said Timo Hirvonen, a senior researcher at Finnish computer security company F-Secure. Its so advanced, Regin isnt worth the effort it would take to copy . Were not going to see copycats targeting consumers, Hirvonen said.
Posted on: Tue, 25 Nov 2014 22:23:16 +0000
Trending Topics
Recently Viewed Topics
© 2015