#Regin Kaspersky publishes the Control Command centers and one is Belgian

https://securelist.com/files/201 ... in_platform_eng.pdf

important the snort rule against Regin  Snort Rules: 32621-32624 

and the command and the control servers were ....... 

C&C IPs:

61.67.114.73 Taiwan, Province Of China Taichung Chwbn

202.71.144.113 India Chetput Chennai Network Operations (team-m.co)

203.199.89.80 India Thane Internet Service Provider

194.183.237.145 Belgium Brussels Perceval S.a.

 

why

because that won't be found suspicous, going to India or Taiwan for traffic going out in Belgacom could have been found suspicous 

remember this is a spy operation so all the classical techniques and reflexes by spies are used - even covering up your tracks ..... 

The comments are closed.