G DATA publishes tool against spyware Regin
Regin attacks companies, organisations, researchers and authorities
Possible state sponsored spyware
"Regin is a complex and highly sophisticated spyware that enables attackers to gain full control and monitor everything in a network," explains Eddy Willems, G DATA Security Evangelist. "We think this malware was originally created by a secret service because implementing such malware requires immense amounts of time and money."
G DATA script detects the spyware
The G DATA SecurityLabs have responded immediately and developed a script that can be used independently of the security solutions used in order to identify files created and used by Regin on infected systems. The script detects virtual file systems created by Regin and raises the alarm. Version 2 of the Python program is required to execute the script: www.python.org
The script is designed specifically for IT managers and experts.
What is Regin?
Spyware Regin is designed to steal highly sensitive and secret information from high-potential networks such as state institutions, intelligence services or large companies and to monitor the attack targets. At present, we are aware of attacks on targets in 18 countries, including Germany, Russia, Syria and India.
For detailed information on Regin and the link to the script, see the
G DATA Security Blog.