Regin (malware)

Regin (also known as Prax or QWERTY) is a sophisticated malware and hacking toolkit used by United States' National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ). It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers and has been linked to the US intelligence-gathering agency NSA and its British counterpart, the GCHQ. The Intercept provided samples of Regin for download, including malware discovered at a Belgian telecommunications provider, Belgacom. Kaspersky Lab says it first became aware of Regin in spring 2012, but some of the earliest samples date from 2003. (The name Regin is first found on the VirusTotal website on 9 March 2011.) Among computers infected worldwide by Regin, 28 percent were in Russia, 24 percent in Saudi Arabia, 9 percent each in Mexico and Ireland, and 5 percent in each of India, Afghanistan, Iran, Belgium, Austria, and Pakistan.

Kaspersky has said the malware's main victims are private individuals, small businesses and telecom companies. Regin has been compared to Stuxnet and is thought to have been developed by "well-resourced teams of developers", possibly a Western government, as a targeted multi-purpose data collection tool.

According to Die Welt, security experts at Microsoft gave it the name "Regin" in 2011, after the cunning Norse dwarf Regin.

This article is issued from Wikipedia. The text is licensed under Creative Commons - Attribution - Sharealike. Additional terms may apply for the media files.