REGIN: latest malware sponsored by Western Government

26 Feb

Regin is a new and complex piece of malware that Symantec, who identified the surveillance software, describe as a ‘top-tier espionage tool’.

Regin is a multi-purpose data collection tool that has been in use since 2008. It was withdrawn from use in 2011 and then reappeared in 2013.

Symantec believe that Regin is without peer in terms of its sophistication and complexity. Their analysis suggests that the software is so sophisticated that it is likely to have been written by a nation state, most probably a western government agency.

Regin is a multi-stage Remote Access Trojan (RAT) with a six-stage architecture. The later stages allow the controllers to deploy a wide variety of payloads. These range from recovering deleted files, stealing passwords and sniffing network traffic to crawling through the file system.

