jml7c5 today at 2:43 AM

According to the vx-underground Twitter account, this is just Regin (which was first described in 2014): https://x.com/vxunderground/status/1995309917805179141

https://en.wikipedia.org/wiki/Regin_(malware)


Replies

ashleyn today at 3:18 AM

Well, at the very least he confirmed Regin continues to circulate.

bri3d today at 2:47 AM

I’m not even convinced the audiod thing is Regin; whatever is going on is way less sophisticated even based on what the OP posted from Volatility. I don’t think the hash they gave vx-underground is even from the sample from the original screenshots.

I think this person is just karma/clout farming badly and the screenshots are of some even more basic RAT.