A highly advanced piece of malware—perhaps the most sophisticated of its kind ever discovered—has been systematically snooping on government organizations, businesses and private individuals for at least the past six years, according to cybersecurity company Symantec.
The most likely culprit behind the sophisticated spying software remains a "nation state," the company said in a statement released Sunday. The amount of work and advanced technology put into the software, known as "Regin," means it was likely one of the "main cyber-espionage tools" used by that unknown country, Symantec said.
Regin "is a complex piece of malware whose structure displays a degree of technical competence rarely seen," Symantec said.
On infected computers, the software can take control of a computer's mouse, take screenshots, steal passwords and recover deleted files, among other functions, according to the security company.
Symantec's Vikram Thakur told the BBC of Sunday that only a handful of nation states have the technical know-how and resources to produce such a powerful piece of spying software. The malware, however, doesn't seem to be a mass surveillance tool, Thakur said.
Symantec believes the malware has been used to wage persistent, long-term surveillance campaigns against specific targets.
"We think that the malware ... is capable of targeting just about anybody who connects to the Internet today," Thakur told the BBC. "However, we don't believe that this tool is being used to target individuals at home."