Veil slips from deep spying game
Computer security experts have uncovered one of the most malicious pieces of software they have seen, and it could be a secret surveillance program for world governments.
Leading computer security company Symantec says the bug, named Regin, is one of the most sophisticated pieces of malware ever detected.
Tech media outlets are reporting that documents leaked by Edward Snowden show Regin was used against targets in the European Union.
The blame has been laid on British and American spy agencies.
Symantec has only caught a few glimpses of Regin, but has already seen it used against a range of targets around the world.
Computers in Russia, Saudi Arabia and Ireland have been the most infected.
It has been used to spy on governments, infrastructure operators, businesses, researchers, and private individuals.
Regin works as a trojan program to steal data from machines and networks it infects, while disguised as Microsoft software.
It is a multi-stage attack, with each stage encrypted separately so that none by itself could reveal anything big about the overall attack.
“The picture only emerges when you have all five stages,” authority Larry Seltzer says.
But it is still unclear what Regin actually does.
Symantec knows that it can do the more ‘mundane’ malware moves - stealing passwords, capturing screens, stealing files (even deleted ones) - but it seems to make use of odd techniques as a means of stealth, such as a custom-built encrypted virtual file system.
Symantec says that the modular nature and many components of Regin remain hard to penetrate.