Kaspersky Lab identifies malware MiniDuke


Kaspersky Lab's team of experts recently published a new research report that analyzed a series of security incidents involving the use of the recently discovered PDF exploit in Adobe Reader (CVE-2013-6040) and a new, highly customized malicious programme known as MiniDuke. The MiniDuke backdoor was used to attack multiple government entities and institutions worldwide during the past week, said the lab's press release. Kaspersky Lab's experts, in partnership with CrySys Lab, analyzed the attacks in detail and published their findings.

MiniDuke's highly customized backdoor was written in assembler and is very small in size, being only 20kb. "The combination of experienced old school malware writers using newly discovered exploits and clever social engineering to compromise high profile targets is extremely dangerous," said the statement issued by the lab.

It said that the MiniDuke attackers are still active at this time and have created malware as recently as February 20. To compromise victims, the attackers used extremely effective social engineering techniques, which involved sending malicious PDF documents to their targets.
Read More

Comments