1. /
  2. Security Response/
  3. Backdoor.Regin


Risk Level 1: Very Low

December 12, 2013
December 11, 2014 10:36:08 AM
Infection Length:
Systems Affected:
Windows 2000, Windows 7, Windows NT, Windows Vista, Windows XP
Backdoor.Regin is a Trojan horse that opens a back door and steals information from the compromised computer.

Backdoor.Regin is an extremely complex back door Trojan that enables stealthy surveillance activities. It can be customized with a wide range of different capabilities, which can be deployed depending on the target. It is a multi-staged, modular threat, meaning that it has a number of components, each depending on each other to perform attack operations.

Further information
For more information on Backdoor.Regin, read our blog: Regin: Top-tier espionage tool enables stealthy surveillance

Note: Definitions prior to November 24, 2014 may detect this threat as Backdoor.Trojan.GR.

Antivirus Protection Dates

  • Initial Rapid Release version December 12, 2013 revision 021
  • Latest Rapid Release version March 18, 2015 revision 032
  • Initial Daily Certified version December 12, 2013 revision 024
  • Latest Daily Certified version March 19, 2015 revision 002
  • Initial Weekly Certified release date December 18, 2013
Click here for a more detailed description of Rapid Release and Daily Certified virus definitions.

Threat Assessment


  • Wild Level: Low
  • Number of Infections: 0 - 49
  • Number of Sites: 0 - 2
  • Geographical Distribution: Low
  • Threat Containment: Easy
  • Removal: Easy


  • Damage Level: Medium
  • Payload: Opens a back door. Can download and install code modules to perform other activities.
  • Releases Confidential Info: Steals information. Sniffs low-level network traffic. Captures screenshots.


  • Distribution Level: Low

Search Threats

Search by name
Example: W32.Beagle.AG@mm
STAR Antimalware Protection Technologies
Internet Security Threat Report