Highly Advanced Backdoor Trojan Cased High-Profile Targets For Years

An anonymous reader points out this story at Ars about a new trojan on the scene. Researchers have unearthed highly advanced malware they believe was developed by a wealthy nation-state to spy on a wide range of international targets in diverse industries, including hospitality, energy, airline, and research. Backdoor Regin, as researchers at security firm Symantec are referring to the trojan, bears some resemblance to previously discovered state-sponsored malware, including the espionage trojans known as Flame and Duqu, as well as Stuxnet, the computer worm and trojan that was programmed to disrupt Iran's nuclear program. Regin likely required months or years to be completed and contains dozens of individual modules that allowed its operators to tailor the malware to individual targets.

Re:Microsoft Windows only

[bouldin]

Maybe you missed all the critical remote code execution vulns Microsoft announced just this month.

https://technet.microsoft.com/en-us/library/security/ms14-nov.aspx

Four of the bulletins above are listed as critical remote execution. Two of them (schannel and OLE vulns) are very bad. The IE bulletin says it resolves 17 privately identified bugs.

As the previous poster said, Microsoft has placed convenience over security for many years now. They have improved dev processes a lot, but as you can see, many security folks still view MS as a liability.

Not to stray too far from the point, but I hope Linux distros arent repeating Microsoft's mistakes with feature-laden packages like systemd and its ilk. Tons of new features in an inchoate software package with no security audits? That is how Microsoft got its reputation for insecurity.