Reports out of Berlin today say that a top aide of German Chancellor Angela Merkel was targeted by advanced malware commonly used by the NSA and Britain’s counterpart, the GCHQ.
The Backdoor.Regin spyware was discovered on the aide’s USB drive after she’d taken it home and put it into the computer at work again, only to be alerted by an antivirus program.
Officials say the drive only contained copies of the chancellor’s speeches, so no classified data was directly compromised. They say it is unclear how the drive was initially infected, but deny that the chancellery’s computer system is not believed to be compromised.
The Regin family of virii first emerged in 2011, and was predominantly used against targets in Russia and Saudi Arabia. There is speculation that Edward Snowden’s leaks, which reference 2010 NSA cyberattacks against European targets, were the first deployments of Regin.
The Regin programs can capture a lot of data from end users, including screen-captures and keyloggers. German officials say they are unsure if the latest incident is an attack by US or British spies, or simply one of the many cases of private hackers reprogramming the government-made malware for their own use.