Sophisticated Back-Door Trojan Found by Symantec

The security company Symantec has identified a new type of malware, which it has named Regin. What's really interesting is that this Trojan is incredibly sophisticated, and it is more likely to have been created and used by a nation state than by independent groups of hackers.

Symantec is an IT company based in Mountain View, US. Mainly known for its security products, the business also makes storage, backup and availability programs. According to the company's assessment, Regin is a back-door Trojan designed to spy on government agencies, infrastructure operators, businesses, as well as individuals. This cyber espionage tool is highly customizable and so sophisticated that the researchers were unable to tell exactly what it does, but its latest version was mainly used for attacking telecommunications infrastructure and tracing calls.

Another interesting aspect is the amount of effort put into concealing the malware. From what we know so far, Regin may have been infecting systems and gathering data unnoticed for the past eight years, as the first traces of its existence date back to 2006. The cyber espionage tool is actually a five-stage threat: every stage except the first is encrypted and is triggered by the previous one. Basically, this means that the only way to understand its full potential is to gain access to all the stages.

Creating and maintaining a Trojan with this level of sophistication takes a large amount of work and investment, so it is much more likely to be the work of a nation than of a random group of hackers. However, the name of the country that created and used this tool is as yet unknown.

Source: PC World.