Regin, an advanced spyware program widely believed to have been developed by US and British intelligence agencies, was found on a USB stick belonging to an official in German Chancellor Angela Merkel's office, Berlin sources say.
Sources said the incident occurred months ago and said that the hackers involved could not be identified.
Merkel's spokeswoman declined to confirm that a cyber-attack had occurred.
The malware was discovered after a mid-level official in the European policy section of the chancellery reportedly took home a document on her USB flash drive to read on her private laptop computer.
When she later inserted the USB drive into her chancellery computer, an anti-virus alert came up.
Merkel's staff are not supposed to use their private computers for work for fear of transferring a virus this way.
"I cannot confirm this mode of attack," spokeswoman Christiane Wirtz told reporters, fending off questions about whether such a breach had in fact occurred or if anyone had been disciplined.
"The information technology system of the chancellery has not been infected," she insisted, declaring that such threats were on the government's radar and no fundamental review of precautions was required.
Sources said the incident happened in the first half of this year and cautioned that there was nothing to link such a Trojan attack with the United States, since anyone could have copied Regin and adapted it for their own ends, as hackers normally do.
Regin's existence became public last month, when virus-hunters surmised that it had originally been devised by the US National Security Agency and its British counterpart GCHQ for international espionage.
Merkel personally phoned US President Barack Obama in October 2013 to protest at revelations that US intelligence had monitored her mobile phone.
The sources said it was impossible to establish if any documents were taken by whoever planted the flash-drive virus.
Virus hunters say Regin can gather snapshots of a computer screen, observe passwords as they are typed and restore deleted documents.
The mass-circulation newspaper Bild said the document taken home by the woman was the manuscript of a planned Merkel speech on European Union strategy, not a major secret since the chancellor was going to give the talk in public.
Bild said all of the 200 high-security laptops used in Merkel's office were inspected after the incident, but Germany's cybersecurity agency, the BSI, which often advises the German public on how to fight snoopers, could not find any other affected machine.
Share
