Regin: UK and US intelligence services could be responsible for snooping spyware

Bug had been found on computers at the European Union and could monitor phone networks

Andrew Griffin
Tuesday 25 November 2014 10:44 GMT
The malware uses several 'stealth' features and even when its presence is detected, it is very difficult to work out what it is doing
The malware uses several 'stealth' features and even when its presence is detected, it is very difficult to work out what it is doing

A powerful and malicious piece of computer software that was found to have been spying on governments and companies from around the world has been linked to US and UK intelligence agencies.

The software, which when it was identified yesterday was said to have likely been created by a nation state, had been spying on victims from at least 14 countries around the world. But there were no victims from any of the ‘five eyes’ countries — Australia, Canada, New Zealand, the UK and the US — and experts have speculated that the software could have been created by intelligence agencies within one or more of those countries.

The usual suspects such as Russia and China have been ruled out, experts said, and so interest is now focused on the US, UK and Israel as the most likely candidates, security experts told the Guardian.

Victims were found in countries including Belgium, Brazil, Germany, Iran and Syria, according to Kaspersky Lab, the Russia-based security company. Most were based in Russia or Saudi Arabia.

The company had become aware of the threat in 2012, and has been tracking it since. The complexity of the software made it hard to explore, but its use in several attacks on government institutions and telephone companies gave experts a chance to study it.

The software is able to control GSM phone networks, allowing it to redirect calls and operate cells. “At the present time, the attackers behind Regin are the only ones known to have been capable of doing such operations,” Kaspersky Lab said.

The earliest samples of the software appear as early as 2003, according to Kaspersky Lab.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in