Regin: UK and US intelligence services could be responsible for snooping spyware

Bug had been found on computers at the European Union and could monitor phone networks

Andrew Griffin
Tuesday 25 November 2014 05:44 EST
The malware uses several 'stealth' features and even when its presence is detected, it is very difficult to work out what it is doing
The malware uses several 'stealth' features and even when its presence is detected, it is very difficult to work out what it is doing (Rex)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

A powerful and malicious piece of computer software that was found to have been spying on governments and companies from around the world has been linked to US and UK intelligence agencies.

The software, which when it was identified yesterday was said to have likely been created by a nation state, had been spying on victims from at least 14 countries around the world. But there were no victims from any of the ‘five eyes’ countries — Australia, Canada, New Zealand, the UK and the US — and experts have speculated that the software could have been created by intelligence agencies within one or more of those countries.

The usual suspects such as Russia and China have been ruled out, experts said, and so interest is now focused on the US, UK and Israel as the most likely candidates, security experts told the Guardian.

Victims were found in countries including Belgium, Brazil, Germany, Iran and Syria, according to Kaspersky Lab, the Russia-based security company. Most were based in Russia or Saudi Arabia.

The company had become aware of the threat in 2012, and has been tracking it since. The complexity of the software made it hard to explore, but its use in several attacks on government institutions and telephone companies gave experts a chance to study it.

The software is able to control GSM phone networks, allowing it to redirect calls and operate cells. “At the present time, the attackers behind Regin are the only ones known to have been capable of doing such operations,” Kaspersky Lab said.

Researchers found that it was not simply one piece of software, but a platform that could spread across a whole network and gain full control of it. That meant that once the software made its way into one computer, it could spread quickly across the world, and helped the software stay hidden.

The earliest samples of the software appear as early as 2003, according to Kaspersky Lab.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in