Thread: Regin - malware (probably) by GCHQ, maybe in co-operation with the NSA
View Single Post
Old 25-11-2014, 12:51   #1
Ignitionnet
Inactive
 
Join Date: Jun 2008
Location: Leeds, West Yorkshire
Age: 47
Posts: 13,995
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Ignitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny starsIgnitionnet has a pair of shiny stars
Regin - malware (probably) by GCHQ, maybe in co-operation with the NSA
Quote:
A highly advanced malware instance said to be as sophisticated as the famous Stuxnet and Duqu has has been detected. "Regin" has security researchers opining it may be nastier than both.

"Regin" malware is thought to have been developed by a nation-state because of the financial clout needed to produce code of this complexity. The malware targets organisations in the telecommunications, energy and health sectors.
http://www.theregister.co.uk/2014/11/24/regin/
http://www.theregister.co.uk/2014/11..._silent_about/

This beastie 'does' GSM networks too, and is suspected to be behind the Belgacom hacks and been used to pwn the European Commission, amongst a number of other targets.

QTX - a gift for you - password is 'infected'.

Rest of you, that's a link to the Regin modules found thusfar in the wild - do you really want that on your computer? If you do, stick it in a VM on a sinkholed network. If you need to Google what a VM on a sinkholed network is leave it alone
Ignitionnet is offline   Reply With Quote