Following on the news from Symantec of Regin, a worldly and expected state-developed malware for absolute surveillance, Kaspersky has released their possess report. F-Secure has also suggested some of their findings.
The Kaspersky report entitled “The Regin Platform – Nation-State Ownership of GSM Networks” emphasizes a capability of Regin that Symantec also mentioned: It spies on GSM mobile networks. Inside one representation they found what “…appears to be an activity record on a GSM Base Station Controller.” Kaspersky describes a information collected, including a usernames and passwords of some engineering accounts.
Must See Gallery
Kaspersky also describes some of a CC (Command and Control) activity of Regin. Like all else about it, a CC is worldly and stealthy, though they brand 4 CC server IP addresses; dual in India, one in Taiwan and one in Belgium. The news also calls out a infections they found one specific Middle Eastern country. In this country:
…all a victims we identified promulgate with any other, combining a peer-to-peer network. The P2P network includes a president’s office, a investigate center, an educational establishment network and a bank.
F-Secure has combined some information about Regin in their blog. Additionally, F-Secure’s Mikko Hypponen says that they trust that Regin is a malware used to attack famed cryptographer Jean-Jacques Quisquater. At a time a source of a conflict was rumored to be a NSA/GSCQ, though no genuine justification was presented.
F-Secure doesn’t know who wrote Regin, though says that they trust it is not entrance from Russia or China. Kaspersky doesn’t supplement most to a contention of who is responsible, though they do supplement a graph next to uncover a growth timestamps of a executables. These demeanour roughly like a eastern US work day, though a information could be faked.