Advanced virus has been keeping track of computers since 2008.

The most complex malware programs are designed so that they cannot be noticed. Symantec has discovered a program called Regin that has been following everyone from governments to individuals since at least 2008. The virus is highly customizable, allowing its owners to get both remote access and screenshots, or to monitor network traffic.

Regin Troyan has been following corporations, telecom operators, researchers, governments and private users. Most likely, the creation of such a universal Trojan took months, if not years. Symantec claims it is arguably the best cyber espionage tool.



The virus was detected in various organizations from 2008 to 2011, after which it suddenly disappeared and reappeared in 2013. More than half of the infected computers belonged to small businesses and ordinary users. Attacks on telecommunications companies appeared to be needed to track call data. What about geographic focus:

• Russia - 28%
• Saudi Arabia - 24%
• Mexico and Ireland - 9% each
• India, Afghanistan, Iran, Belgium, Austria, Pakistan - 5% each

')
The official Symantec Report states that BackDoor.Regin works in several stages. The first stage begins the chain of decoding and loading each subsequent stage to the fifth.