Regin
-
First known sample
2003 -
Discovery
2012 -
Number of targets
1-100 -
Current status
Active -
Type
Complex cyberattack platform , Rootkit , Trojan -
Targeted platforms
Windows -
TOP targeted countries
Afghanistan , Algeria , Belgium , Brazil , Fiji , Germany , India , Indonesia , Iran , Kiribati , Malaysia , Pakistan , Russia , Syria
-
The way of propagation
USB drives -
Purpose/Functions
Cyberespionage , Facilitating other types of attacks , Remote control -
Special features
Regin – the first cyber-attack platform known to penetrate and monitor GSM networks in addition to other “standard” spying tasks.
-
Targets
Academia/Research , Financial institutions , Government entities , Multi-national political bodies , Specific individuals , Telecoms -
Artefacts/Attribution
Considering the complexity and cost of Regin development, it is likely that this operation is supported by a nation-state.
-
Description
A malware toolkit designed primarily for the purposes of intelligence gathering that’s been facilitating attacks since 2012. The initial infection method is still unknown, but once inside, the cyber-attack platform is deployed for ultimate remote control at all levels. Victims are primarily representatives of the government, political bodies, research institutions, and financial organizations from the Middle East and Europe.