For more than 10 years, the Regin malware has been infecting targets around the globe. Now there’s clear evidence that Regin and QWERTY — an NSA keylogger revealed by Edward Snowden — are being developed by the same people.
Security experts all around the globe — from Symantec, who discovered Regin, to Fox IT, who were called in to clean up a particularly nasty infection — said it was by far the most sophisticated piece of malware they’d ever seen. Last year, Regin was found hiding out on Belgian telecom carrier Belgacom’s servers, an infiltration that was pinned on Britain’s GCHQ.
But why would GCHQ want to infect a Belgian carrier with advanced malware? Because there are a lot of important discussions that take place in Brussels, what with it being the home of the European Commission, Parliament, and European Council. It makes for an efficient way to gather loads of intelligence about both allies and adversaries.