Malware that Symantec says was probably developed by a nation state may have been used for as long as eight years. About 100 entities infected with Regin in 10 countries, mostly in Russia and Saudi Arabia. Regin is a powerful cyberespionage platform that can be customized depending on what type of data is sought. The malware has five separate stages, each of which is dependent on the previous stage to be decrypted. It also uses peer-to-peer communication, avoiding using a centralized command-and-control system to dump stolen data.”]
Source: https://www.csoonline.com/article/2851416/traces-of-regin-malware-may-date-back-to-2006.html