Home Meet Regin, Government-Created Spyware That’s Been Active Since 2008

Meet Regin, Government-Created Spyware That’s Been Active Since 2008

Symantec has uncovered yet another sophisticated, malware-based spying tool, dubbed “Regin,” apparently the latest spyware tool created by a national government agency.

The company’s research, published Sunday, identifies Regin—also known as Backdoor.Regin—as a Trojan virus that exhibits “a degree of technical competence rarely seen” on behalf of its creators. Its purpose appears to be mass surveillance of government organizations, businesses, researchers, and individuals. And it’s been on the loose since 2008. Writes Symantec:

It is likely that its development took months, if not years, to complete and its authors have gone to great lengths to cover its tracks. Its capabilities and the level of resources behind Regin indicate that it is one of the main cyberespionage tools used by a nation state.

Symantec has been unable to identify the origin of the software, but Re/code reporter Arik Hesseldahl suggests that the U.S., Israeli, and Chinese governments all have the technological capability and M.O. to engineer it. Also raising suspicions: not one Regin attack has targeted either the U.S. or China.

See also: The Flame Virus: Spyware On An Unprecedented Scale

Private researchers have uncovered several instances of such government-created spyware over the past few years—most notably, the Stuxnet malware (also discovered by Symantec) that targeted Iran’s nuclear program and Flame, a much larger program that infected hundreds of computers across Europe and the Middle East.

In any case, Regin’s targets are decidedly global. Symantec has detected about 100 different infections in ten different countries, including Russia, Saudi Arabia, and Mexico. Nearly half of all targets for surveillance, 48%, are small businesses and private individuals. In every case identified, Regin attacks systems that are running Microsoft Windows.

Symantec wrote that Regin attacks have been occurring since 2008, and it may have taken this long to discover them since a major function of the software is to cover its own tracks.

Researchers are still unpacking the mysteries of this complicated program. For more technical information, Symantec has published a 21-page white paper.

Photo by nolifebeforecoffee

About ReadWrite’s Editorial Process

The ReadWrite Editorial policy involves closely monitoring the tech industry for major developments, new product launches, AI breakthroughs, video game releases and other newsworthy events. Editors assign relevant stories to staff writers or freelance contributors with expertise in each particular topic area. Before publication, articles go through a rigorous round of editing for accuracy, clarity, and to ensure adherence to ReadWrite's style guidelines.

Get the biggest tech headlines of the day delivered to your inbox

    By signing up, you agree to our Terms and Privacy Policy. Unsubscribe anytime.

    Tech News

    Explore the latest in tech with our Tech News. We cut through the noise for concise, relevant updates, keeping you informed about the rapidly evolving tech landscape with curated content that separates signal from noise.

    In-Depth Tech Stories

    Explore tech impact in In-Depth Stories. Narrative data journalism offers comprehensive analyses, revealing stories behind data. Understand industry trends for a deeper perspective on tech's intricate relationships with society.

    Expert Reviews

    Empower decisions with Expert Reviews, merging industry expertise and insightful analysis. Delve into tech intricacies, get the best deals, and stay ahead with our trustworthy guide to navigating the ever-changing tech market.