Menu
Germany probes Regin-powered cyberespionage

Germany probes Regin-powered cyberespionage

The malware program was found on the laptop of a German federal official

It looks like Chancellor Angela Merkel is not the only German official who might have been spied on by the nation's allies. The head of a German Federal Chancellery unit reportedly had his laptop infected with Regin, a cyberespionage program believed to be used by the U.S. National Security Agency and its closest intelligence partners.

The German federal prosecutor's office has opened an investigation into the breach, which came to light in 2014, German news magazine Der Spiegel reported Friday. The Chancellery is the federal agency that serves Merkel's office.

Regin is one of the most sophisticated malware programs ever discovered. It has over 75 modules that enable a range of functionality, including password theft, network traffic capture, screen shot grabbing, recovery of deleted files and data exfiltration.

According to reports from several security companies, it was used to spy on Internet service providers, telecommunications backbone operators, energy firms, airlines, government entities, research institutes and private individuals around the world.

There are strong indications that Regin is a computer network exploitation (CNE) platform referred to as WARRIORPRIDE in documents leaked by former NSA contractor Edward Snowden and which is used by the intelligence agencies of the U.S., U.K., Canada, Australia and New Zealand -- known as the Five Eyes intelligence partnership.

In January, Der Spiegel released a keylogger program dubbed QWERTY from the trove of files leaked by Snowden that the magazine believed was part of WARRIORPRIDE. Researchers from antivirus firm Kaspersky Lab later analyzed the program and concluded that it was identical to a known Regin plug-in and even had code referencing a different Regin module.

Previous reports that the NSA tapped Angela Merkel's mobile phone strained relations between Germany and the U.S. Prosecutors in Germany launched an investigation into that claim, which was also based on documents leaked by Snowden, but it was later dropped due to insufficient evidence.

If Regin is indeed WARRIORPRIDE, as many security experts believe, the program's presence on a German Chancellery official's laptop is unlikely to be a coincidence. However, since the tool is used by the intelligence agencies of five different countries, identifying the perpetrator in this case might prove difficult.


Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Featured

Slideshows

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

Tight lines as Hooked on Lenovo catches up at Great Barrier Island

​Ingram Micro’s Hooked on Lenovo incentive programme recently rewarded 28 of New Zealand's top performing resellers with a full-on fishing trip at Great Barrier Island for the third year​ in a row.

Tight lines as Hooked on Lenovo catches up at Great Barrier Island
Inside the AWS Summit in Sydney

Inside the AWS Summit in Sydney

As the dust settles on the 2017 AWS Summit in Sydney, ARN looks back an action packed two-day event, covering global keynote presentations, 80 breakout sessions on the latest technology solutions, and channel focused tracks involving local cloud stories and insights.

Inside the AWS Summit in Sydney
Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day

Ingram Micro hosted its third annual Cure Kids Charity Golf Tournament at the North Shore Golf Club in Auckland. In total, 131 resellers, vendors and Ingram Micro suppliers enjoyed a round of golf consisting of challenges on each of the 18 sponsored holes, with Team Philips taking out the top honours.

Channel tees off on the North Shore as Ingram Micro hosts annual Cure Kids Charity golf day
Show Comments