GCHQ And NSA Are Linked To Regin Malware That Has Been Infecting Belgacom Since 2008

Posted: Nov 25 2014, 3:27am CST | in Rumors | Technology News



Rumor has it that British intelligence, along with US intelligence, has developed a complex piece of malware known as Regin. The main targets of this malware are a Belgian telecommunications company and the European Union.

According to the technical analysis conducted by The Intercept and security industry sources, the US and British intelligence agencies collaborated to create a convoluted piece of malware whose main targets are a Belgian telecommunications company and the European Union.

Belgacom learned of Regin when it infected the company's email servers and internal computer systems. According to The Intercept, the organization was the prime target in a top secret surveillance operation conducted by the British spy agency.

The malware disguises itself as legitimate Microsoft software and steals data from the computer. The National Security Agency was able to identify this malware on some of the European Union computer systems.

Information regarding the hack against the European Union and Belgacom was first revealed last year, when Edward Snowden, an NSA whistleblower, leaked some documents regarding the operation. However, the name of the malware was not disclosed in those documents.

On Sunday, Symantec, a security firm, discovered the existence of the Regin malware. According to Symantec, it is among the most convoluted and sophisticated malware ever discovered by researchers. Belgacom appointed a security company called Fox IT to get rid of the malware.

The CEO of Fox IT, Ronald Prins, said that Regin is the most sophisticated malware. In addition, he said that after analyzing the malware and looking at the previously documented Snowden files, he is convinced that American and British intelligence are the creators of this malware.

When a spokesman from Belgacom was questioned regarding the Regin revelations, he refused to comment. All he said was that the company has shared everything about the attack with a federal prosecutor in Belgium who is conducting an investigation into the intrusion. In addition, Jan Margot said that it is not possible for the company to comment on it.

In 2010, GCHQ was able to gain access to Belgacom's internal systems by targeting the computers of its engineers. The agency was able to plant malware, called implants, on the employees' systems by redirecting their internet connections to a counterfeit LinkedIn page. This malicious LinkedIn page launched a malware attack that infected the engineers' computers.

The malware also granted the spies access and control. It allowed them to steal information from deep inside Belgacom's network. The implant also allowed GCHQ to conduct surveillance of Belgacom's internal communications, and it permitted the British spies to gather information about Belgacom customers, which include the European Parliament, the European Commission and the European Council. The malware implant is part of the suite of malware now known as Regin.

It took more than a decade for Regin to fully develop. According to The Intercept, traces of Regin's components date back as far as 2003, and it was recently mentioned at a Hack.lu conference that took place in Luxembourg. Regin is known for its stealth, which makes it very hard to detect.

Source: The Intercept

The Author

M. Affan covers the hottest news that captivate the web today.



