Emerging Threats

Cyber espionage tool Regin discovered by Symantec

Authored by a Symantec employee


Symantec, the parent company of Norton, has uncovered a highly-complex cyber-espionage malware program known as Regin. This malware has been developed for use in spying campaigns against international targets, such as government organizations, businesses, academic organizations, service providers and even private individuals. Because of its high degree of sophistication, Regin exhibits the characteristics of a state-sponsored operation, but, at this time, Symantec does not have enough evidence to connect it to any particular organization.

A security suite that helps protect your devices.

Free security software just doesn’t have the resources to keep up with new threats as they emerge. That’s why you need a multi-layered defense to security. Meet Norton Security Premium — protection for up to 10 of your devices.

What does Regin do?

Classified as a backdoor Trojan, Regin provides the attacker access to, and control of a targeted computer. But unlike most malware that is designed for one intended purpose, such as stealing specific types of data, Regin is used for long-term, broad collection of information, as well as continued monitoring of targeted organizations.

Can Regin affect me?

At this time, Symantec has only observed around 100 cases of infection in 10 countries and most consumers are unlikely to be affected. While individual users could be targeted by Regin, these individuals are typically working in specialized areas of interest to the Regin operators.

We do not believe that Regin targets the average Norton customer, however, it is important to also note that Symantec has provided protection against Regin to its customers, including Norton branded security products, since December 2013. Regin components are detected as Backdoor.Regin.

Stay protected from this threat:

We always recommend that consumers take steps to protect themselves, even if they are not the direct target of a specific attack. Best practices include;

  1. NEVER open attachments or links from unknown senders via email, instant messages or social media.
  2. Be sure that all of your computer’s software is up to date. This includes not only your computer’s operating system but common applications such as document readers and productivity software.
  3. Have a trusted brand of security software installed and keep it updated as well. While there are many good brands of software available, we happen to recommend Norton Security.

Our best protection. One low price

Norton Security Premium helps protect up to 10 of your Windows PCs, Macs, Android smartphones or your iPads.

Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the LockMan Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the U.S. and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.