ThaiCERT    ETDA    MDES
Report
Search
Home > List all groups > List all tools > List all groups using tool Regin

Threat Group Cards: A Threat Actor Encyclopedia

Permanent link Tool: Regin

NamesRegin
Prax
WarriorPride
CategoryMalware
TypeReconnaissance, Backdoor, Info stealer, Tunneling
DescriptionRegin is a sophisticated malware and hacking toolkit attributed to United States' National Security Agency (NSA) for government spying operations. It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. Regin malware targeted victims in a range of industries, telecom, government, and financial institutions. It was engineered to be modular and over time dozens of modules have been found and attributed to this family. Symantec observed around 100 infections in 10 different countries across a variety of organisations including private companies, government entities, and research institutes.
Information<https://securelist.com/regin-nation-state-ownage-of-gsm-networks/67741/>
<https://en.wikipedia.org/wiki/Regin_(malware)>
MITRE ATT&CK<https://attack.mitre.org/software/S0019/>
Malpedia<https://malpedia.caad.fkie.fraunhofer.de/details/win.regin>

Last change to this tool card: 23 April 2020

Download this tool card in JSON format

All groups using tool Regin

ChangedNameCountryObserved

APT groups

 Equation GroupUSA2001-Aug 2016X
 GCHQUK1919-2010 

2 groups listed (2 APT, 0 other, 0 unknown)

Thailand Computer Emergency Response Team (ThaiCERT)
Electronic Transactions Development Agency

Follow us on

Facebook Twitter

Report incidents

Telephone +66 (0)2-123-1234
E-mail report@thaicert.or.th
PGP Download PGP key