It is reported that, "Regin" highly customizable features that allow hackers to launch remote Trojan attacks to steal user passwords and other private data.For example, the software can learn the user clicks the mouse functionality, interception pictures on your computer is infected, monitor network traffic analysis, such as e-mail from the Exchange database.
Symantec said the malware, called "Regin or Backdoor.Regin" is very suitable for long-term goals, continuous monitoring, the project had withdrawn in 2011, but it appears again in 2013.
It is understood that such malicious software can be divided into five stages, in addition to the first stage, each stage will "hide and encrypt." Each stage will provide very little information, and only get all the five phases of the data, it is possible to analyze and understand the specific threat. In addition, Regin also used the "modular approach" which is loaded customization features for the target.
Symantec said, Regin infected target group is widely distributed, about half from Russia and Saudi Arabia, while others come from Mexico, Ireland, India, Iran, Afghanistan, Belgium, Australia and Pakistan. Regin can infect Internet service providers and telecommunications infrastructure companies, as well as aviation, energy, hospitals and other research areas.
0 التعليقات:
Post a Comment