If it is meant for spying, though, it's not clear just who wrote the malware or why. Unlike Dragonfly and other instances of professionally-made malware, Regin's origin hasn't been narrowed down to a particular country or region. About half of the infections have taken place in Russia and Saudi Arabia, but you can also find victims across India, Iran and multiple European nations. Also, it's definitely not limited to telecoms or other high-value targets -- 48 percent of known victims are people and small businesses. While Regin could easily be part of an online espionage campaign, it's hard to rule anything out at this point.

Update: Kaspersky Labs did some extra sleuthing and found that Regin can attack cellular' networks GSM base stations, mapping their infrastructure. Also, sources tell The Intercept that Belgian carrier Belgacom found the trojan on its internal networks. That's potentially worrisome -- while there's no hard evidence of a connection so far, it suggests that Britain's GCHQ may have used Regin to infiltrate Belgacom and spy on its users.

[Image credit: Patrick Lux/Getty Images]