Well, it looks like the dark world of cyber spooks and such has been up to "funny business" once again, only using different names: a serious malware Trojan originally called "Regin" now has a twin brother by the name of "Qwerty".
What are “Regin” and “QWERTY”? They are known as... “keyloggers”. Two software security experts from Russia and the US (Kaspersky and Symantec) have been working on this… Their sources were from the Edward Snowden material, which described ever more sophisticated and complex digital weapons being developed by intelligence services in the US and elsewhere.
So who, what and where did this originate from? Ever hear of the “Five Eyes Alliance”? This is a group which includes the US, Britain, Canada, Australia and New Zealand. This malware belongs to this group of allies.
"Last fall, Kaspersky and the US security company Symantec both reported for the first time the discovery of a cyber-weapon system which they christened "Regin". According to Kaspersky, the malware had already been in circulation for 10 years and had been deployed against targets in at least 14 countries, including Germany, Belgium and Brazil but also India and Indonesia."
"We are certain that we are looking at the keylogger-module from Regin," Costin Raiu, head of research for Kaspersky, said of the code published by SPIEGEL. A keylogger is a program that can record keys struck on a keyboard -- thus logging sensitive information such as passwords, email addresses and text documents -- and then send that information back to the malware programmer.
"Pursuant to our technical analysis, QWERTY is identical with the Regin plug-in 50251," Raiu says. In addition, the analysis revealed that Regin is apparently an attack platform that can be used by several different institutions in several different countries. Kaspersky published its findings in a blog post on Tuesday.
Regin was also apparently involved in the attack on the Belgian telecommunications firm Belgacom. And Belgacom, as SPIEGEL reported in the summer of 2013, was a target of the British intelligence agency GCHQ. Ronald Prins, head of the Dutch security company Fox IT, which analyzed the attack on Belgacom, told SPIEGEL ONLINE in the summer of 2011 that Regin appeared to be a tool belonging to the NSA and GCHQ.
In the last several years, the original malware, Regin, was found to be the cyber-weapon behind quite a few digital attacks:
1) European Commission in 2011.
2) International Atomic Energy Agency, based in Vienna.
3) In the computer of a member of the department for European affairs in Angela Merkel's Chancellery.
4) Belgacom, as mentioned above.
“The Federal Office for Information Security says that Regin has not yet been found on official German government computers.
It seems likely that more Regin discoveries will be made. Kaspersky alone, says Raiu, has found the malware in computers belonging to 27 international companies, governments and private persons.”
As more of the Edward Snowden material comes forth, we will read about such nefarious cyber warfare and its intended targets. Welcome to the Brave New World.
Warfare without the bloodshed.... For now.
Much of this diary was from the "Der Spiegel" online article, compiled on January 27, 2015, 06:51 PM CET. All credit for their journalism goes to them.
http://www.spiegel.de/...
Be safe out there.