by Michael Mimoso January 27, 2015
Researchers at Kaspersky Lab have discovered shared code and functionality between the Regin malware platform and a similar platform described in a newly disclosed set of Edward Snowden documents 10 days ago by Germany’s Der Spiegel.
The link, found in a keylogger called QWERTY allegedly used by the so-called Five Eyes, leads them to conclude that the developers of each platform are either the same, or work closely together.
“Considering the extreme complexity of the Regin platform and little chance that it can be duplicated by somebody without having access to its source codes, we conclude the QWERTY malware developers and the Regin developers are the same or working together,” wrote Kaspersky Lab researchers Costin Raiu and Igor Soumenkov today in a published report.
Full Article
Userlevel 7
By Lucian Constantin
Keylogging malware that may have been used by the NSA shares signficant portions of code with a component of Regin, a sophisticated platform that has been used to spy on businesses, government institutions and private individuals for years.
The keylogger program, likely part of an attack framework used by the U.S. National Security Agency and its intelligence partners, is dubbed QWERTY and was among the files that former NSA contractor Edward Snowden leaked to journalists. It was released by German news magazine Der Spiegel on Jan. 17 along with a larger collection of secret documents about the malware capabilities of the NSA and the other Five Eyes partners -- the intelligence agencies of the U.K., Canada, Australia and New Zealand.
full article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.