GIFT a SubscriptionGift
HamberMenu
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon
  1. Cricket
  2. Data
  3. Health
  4. Opinion
  5. SEARCH Icon

To enjoy additional benefits

GIFT a SubscriptionGift
ShowcaseCrossword+

CONNECT WITH US

year
Click here for our in-depth coverage of Lok Sabha and Assembly elections #ElectionsWithTheHindu

Symantec uncovers stealth virus used to spy on companies, govts. since 2008

November 24, 2014 11:52 pm | Updated November 25, 2014 08:13 am IST

Reuters
Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage”.

Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage”.

An advanced malicious software application has been uncovered that since 2008 was used to spy on private companies, governments, research institutes and individuals in 10 countries, antivirus-software-maker Symantec Corp said in a report on Sunday.

While Symantec did not identify any culprit or victims, the California-based maker of Norton antivirus products said its research pointed to a “nation state” being the likely developer of malware Regin, or Backdoor.Regin.

Symantec said Regin’s design “makes it highly suited for persistent, long-term surveillance operations against targets”, and was withdrawn in 2011 but resurfaced from 2013 onward. The malware uses several “stealth features and even when its presence is detected, it is very difficult to ascertain what it is doing,” according to Symantec. It said “many components of Regin remain undiscovered and additional functionality and versions may exist.”

Almost half of all infections occurred at addresses of Internet service providers, the report said. It said the targets were customers of the companies rather than the companies themselves.

About 28 percent of targets were in the telecom sector while other victims were in energy, airline, hospitality and research, Symantec said.

Five stages Symantec described the malware as having five stages, each “hidden and encrypted, with the exception of the first stage”.

“Each individual stage provides little information on the complete package. Only by acquiring all five stages is it possible to analyse and understand the threat,” it said.

Regin also uses a “modular approach” that allows it to load custom features tailored for targets — the same method is applied in other malware such as Flamer and Weevil (The Mask), the antivirus company said. Some of its features were also similar to the malware Duqu, which was uncovered in September 2011 and related to a computer worm discovered the previous year called Stuxnet.

Cybersecurity is a sensitive topic for businesses in the United States, where there have been several breaches of information among major companies and customers.

The U.S. government and private cyber intelligence firms have said they suspect state-backed hackers in China or Russia may be responsible. —

Related Topics

IT/computer sciences

Top News Today

0 / 0
Sign in to unlock member-only benefits!
  • Access 10 free stories every month
  • Save stories to read later
  • Access to comment on every story
  • Sign-up/manage your newsletter subscriptions with a single click
  • Get notified by email for early access to discounts & offers on our products
Sign in

Comments

Comments have to be in English, and in full sentences. They cannot be abusive or personal. Please abide by our community guidelines for posting your comments.

We have migrated to a new commenting platform. If you are already a registered user of The Hindu and logged in, you may continue to engage with our articles. If you do not have an account please register and login to post comments. Users can access their older comments by logging into their accounts on Vuukle.