SAN FRANCISCO - A program used by US and British spies to record computer keystrokes was part of sophisticated hacking operations in more than a dozen countries, security experts said on Tuesday, after former NSA contractor Edward Snowden reportedly leaked the source code for the program.
On Tuesday, researchers at security software firm Kaspersky Lab said that much of that code, published this month by German magazine Spiegel, matched what they previously found in machines infected by Regin, a major suite of spying tools exposed in November.
Lead Kaspersky researcher Costin Raiu said that the keylogging program, called Qwerty, would work only with Regin, and that it appeared several Western countries' spies had been using Regin over the course of a decade.
"Multiple attacker groups are using the Regin platform, which is a new conclusion for us," Raiu told Reuters.
Overall, the malicious software has been discovered at more than two dozen sites in 14 countries, including Russia, India, Germany and Brazil. Targets included government agencies, financial institutions and multilateral bodies.