Researchers link carrier-focused malware to US and UK spy agencies


Symantec said that the recently detailed Regin spyware looked like it was created for government surveillance, and there’s now some strong support for that claim. Both Kaspersky Lab and Wired understand that the super-sophisticated malware was used to infiltrate both Belgian carrier Belgacom and cryptographer Jean-Jacques Quisquater. Given that the NSA and Britain’s GCHQ have been linked to these malware attacks, it’s easy to connect the dots — from all indications, one or both spy agencies used Regin to snoop on these targets. There are also hints that it may have been used to hack into the European Commission back in 2011. The Commission’s director of security couldn’t tell Wired if the malware in that incident was the same, but the code involved was built from a “series of elements” that worked together, like Regin does.

There’s more: Kaspersky notes that Regin can not only attack GSM base stations used by cellular providers, but that it was used in one unnamed Middle Eastern country to create a network of infected systems (still active to this day) that can share commands and data. The network includes the office of the country’s president, a bank and educational institutions, among others. While instances like this haven’t been directly linked to espionage, they line up with Edward Snowden leaks showing that the NSA likes to intercept every call in some countries.

Provided the discoveries hold up, they confirm what many had suspected: that American and British intelligence outfits are not only using malware to spy on protected targets, but are using code specially built for the purpose. It’s not totally surprising given what we now know about online surveillance or the existence of cyberwarfare tools like Stuxnet. However, it hints that the American and British governments see custom malware as a regular part of their arsenals, not just something for extreme circumstances.



Source: Wired, Securelist

Source: Engadget - Read the full article here

Author: Daily Tech Whip

