Just when you thought it was safe to turn on your computer, a new threat emerges from the deep, dark recesses of the internet. Introducing Regin, a modular piece of malware that runs on the Windows platform and is designed to monitor and steal data.
This Re/code article has all the details, such as they are at the moment. The good news is that this doesn’t seem to be widely deployed. Symantec, who discovered and named Regin, are concluding that it is the work of a government agency and that the targets are high value in terms of information, such as corporations and institutions. The full report from Symantec is available here.
Because Regin is modular, it would be hard to clean an infected machine. You might think you cleaned a bit of it, but if an undetected module remains, it can continue to compromise the machine. Probably best to blow away your Windows install and start again. But only around 100 compromised machines have been discovered so far.
It is unknown how it spreads. Let’s hope it has to be targeted at a particular machine, and cannot spread itself all over the Internet. Spying and surveillance are necessary tools against the bad guys, but if malware like this gets everywhere, then it becomes a mass surveillance tool. Something that George Orwell would recognise.