Espionage Program Still Kicking

Friday, April 4, 2014 @ 04:04 PM gHale


One year after its discovery, security professionals are still grappling with the cyber espionage program called MiniDuke, this time the attackers used false PDF documents related to Ukraine to deceive the victims.

Researchers at F-Secure discovered the new approach while they were analyzing a collection of document used by attackers from a large batch of potential MiniDuke Samples.

RELATED STORIES
One RAT Infects 24,000 Systems Globally
Android RAT on Prowl
Snake Campaign Details Offered
Espionage Rootkit has Russian Roots

MiniDuke is a sophisticated cyber espionage campaign discovered a year ago by researchers at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS). The malicious code infected dozens of computers at government agencies across Europe exploiting a security flaw in Adobe software, the malicious Payload drops once the victim opens the malicious PDF file.

The goal of the malware is to steal sensitive information from government organizations and high profile entities.

The documents talk about political issues like the recent crisis in the Ukraine or NATO information in the attempt to circumvent the victims, F-Secure reported, for example, the existence of a bogus document signed by Ruslan Demchenko, the First Deputy Minister for Foreign Affairs of Ukraine.



Leave a Reply

You must be logged in to post a comment.