SAN FRANCISCO, Jan 27 (Reuters) - A program used by U.S. and British spies to record computer keystrokes was part of sophisticated hacking operations in more than a dozen countries, security experts said on Tuesday, after former NSA contractor Edward Snowden reportedly leaked the source code for the program.
On Tuesday, researchers at security software firm Kaspersky Lab said that much of that code, published this month by German magazine Spiegel, matched what they previously found in machines infected by Regin, a major suite of spying tools exposed in November.
Lead Kaspersky researcher Costin Raiu said that the keylogging program, called Qwerty, would work only with Regin, and that it appeared several Western countries' spies had been using Regin over the course of a decade.
"Multiple attacker groups are using the Regin platform, which is a new conclusion for us,” Raiu told Reuters.
Spiegel and other publications reported earlier that Regin had been used in the hacking of Belgian telecommunications provider Belgacom, which slides provided by Snowden said was targeted to enable spying on mobile phones in Europe.
Overall, the malicious software has been discovered at more than two dozen sites in 14 countries, including Russia, India, Germany and Brazil. Targets included government agencies, financial institutions and multilateral bodies.
The NSA did not respond to a request for comment. After past Snowden disclosures, it has avoided discussing specific operations but said it complies with U.S. law, which allows broad surveillance overseas.
The new findings suggest that Regin was a platform for spying operations that was shared among the so-called Five Eyes—the United States, United Kingdom, Canada Australia, and New Zealand.
In its own November report on Regin, top U.S. antivirus company Symantec Corp said it was extraordinarily well disguised, and that even when traces were found it was difficult to know the purpose. Like some other top-tier spying programs, Regin has different modules that can be installed to achieve different ends.
Symantec said it found victims in the telecom industry as well as energy, airline and research concerns.
(Reporting by Joseph Menn; Editing by Christian Plumb)
Support HuffPost
Our 2024 Coverage Needs You
Your Loyalty Means The World To Us
At HuffPost, we believe that everyone needs high-quality journalism, but we understand that not everyone can afford to pay for expensive news subscriptions. That is why we are committed to providing deeply reported, carefully fact-checked news that is freely accessible to everyone.
Whether you come to HuffPost for updates on the 2024 presidential race, hard-hitting investigations into critical issues facing our country today, or trending stories that make you laugh, we appreciate you. The truth is, news costs money to produce, and we are proud that we have never put our stories behind an expensive paywall.
Would you join us to help keep our stories free for all? Your contribution of as little as $2 will go a long way.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
As Americans head to the polls in 2024, the very future of our country is at stake. At HuffPost, we believe that a free press is critical to creating well-informed voters. That's why our journalism is free for everyone, even though other newsrooms retreat behind expensive paywalls.
Our journalists will continue to cover the twists and turns during this historic presidential election. With your help, we'll bring you hard-hitting investigations, well-researched analysis and timely takes you can't find elsewhere. Reporting in this current political climate is a responsibility we do not take lightly, and we thank you for your support.
Contribute as little as $2 to keep our news free for all.
Can't afford to donate? Support HuffPost by creating a free account and log in while you read.
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. Would you consider becoming a regular HuffPost contributor?
Dear HuffPost Reader
Thank you for your past contribution to HuffPost. We are sincerely grateful for readers like you who help us ensure that we can keep our journalism free for everyone.
The stakes are high this year, and our 2024 coverage could use continued support. If circumstances have changed since you last contributed, we hope you’ll consider contributing to HuffPost once more.
Support HuffPostAlready contributed? Log in to hide these messages.