Regin super-malware has Five Eyes fingerprints all over it says Kaspersky

The Regin malware, often described as the devil spawn of Stuxnet and Duqu, is the handiwork of the Five Eyes nation state spy apparatus, analysis reveals. The malware was named in November by researchers impressed with the smarts that helped it hide in plain sight for up to six years. Analysis overnight by Kaspersky malware …

  1. Ken Hagan Gold badge

    "Considering the extreme complexity of the Regin platform and little chance that it can be duplicated by somebody without having access to its source codes, we conclude the QWERTY malware developers and the Regin developers are the same or working together."

    "Extreme complexity"? This from people who have just reverse engineered both of them. Modest, huh?

    OTOH, it is to be hoped that their claim is correct. Part of GCHQ's job is to develop stuff like this so one would hope that they were investing at least some of their budget in such things and getting usable products out of it.

    1. Anonymous Coward

      "'Extreme complexity'? This from people who have just reverse engineered both of them. Modest, huh?"

      Read up on it, not just Kaspersky, but other AV vendors as well and see how complex it is. Then comment.

      1. Ken Hagan Gold badge

        Why should I read up on it? What difference would that make to the point that these comments are being made by people who claim to have understood its complexity?

        1. Anonymous Coward

          Complexity is relative

          They're comparing its complexity to other malware, not to the Linux kernel or Microsoft Office.

  2. Otto is a bear.

    I could say something unkind

    Like Hmmm, a Moscow based company "Revealing" something from the 5i, but the trouble with Malware is that once it's out there, there's nothing to stop anyone else using it. If Kaspersky can reverse engineer it, so can a Malware lab, or just plain copy it, as they are hardly in danger of action from software patent trolls.

    I'd say a bit of a leap to say who authored the whole platform based on one plugin.

    1. Anonymous Coward

      Re: I could say something unkind

      And the invisible gorilla in the room is that the lines between the criminal and the state-sponsored groups are completely blurred so you can't really attribute for certain which code is going where to be used by whom. It's all down to who you know that has access to what and doesn't really mind all that much if you misuse it for another incident. If anything, the agencies may not object all that much as it does cover their operations from proper attribution.

      Oh my aching head!

  3. amanfromMars 1 Silver badge

    Caveat Emptor

    Sony'sGCHQ’s/NSA’s/FSB’s/Unit 8200’s Rights to User's Material

    If you send any communications or materials to the Site by electronic mail or otherwise, including any comments, data, questions, suggestions, or the like, all such communications are, and will be treated as, non-confidential and non-proprietary. Thus, you give up any claim that any use of such material violates any of your rights including moral rights, privacy rights, proprietary or other property rights, publicity rights, rights to credit for material or ideas, or any other right, including the right to approve the way Sony uses such material.

    Any material submitted to this Site may be adapted, broadcast, changed, copied, disclosed, licensed, performed, posted, published, sold, transmitted, or used by Sony anywhere in the world, in any medium, forever. Furthermore, SonyGCHQ/NSA/FSB/Unit 8200 is free to use, without any compensation to you, any concepts, ideas, know-how, or techniques contained in any communication you send to the Site for any purpose whatsoever, including but not limited to developing, manufacturing, and marketing products using such information. However, you agree and understand that SonyGCHQ/NSA/FSB/Unit 8200 is not obligated to use any such ideas or materials, and you have no rights to compel such use. ……. SonyTerms and Conditions of Use

    Sellers/Punters/Buyers/Hackers Beware and be Aware when being a Ware.

  4. Pen-y-gors


    Does the SpyShelter anti-keylogger software (see yesterday's article) detect/block this?

    I think we should be told...

  5. king of foo


    Genius. I wonder if The Black Death started out in a similar vein...

  6. Sanctimonious Prick

    "hide in plain sight for up to six years."

    I don't know a great deal about anti-malware, but how did this happen?

  7. Daniel B.
    Black Helicopters

    Five Eyes

    There seems to be a lot of comic book humor within the national intelligence services. "Five Eyes" is the kind of name you'd expect to see for a James Bond supervillain convention or a Marvel nemesis alliance. It would blend in nicely with Iron Man's "Twelve Rings". Maybe that one's real as w--%$%&·$%/·$%&·$%&·

