MiniDuke malware spies on governments

Victor Barreiro Jr.


Attackers using a PDF exploit in Adobe Reader are installing MiniDuke, a piece of spying malware, on computers at government entities and institutions

MINIDUKE STRIKES. New malware gets in through Adobe Reader and steals data as commanded by tweets. Screen shot from Kaspersky report.

MANILA, Philippines – There’s a new malicious program out in the wild, and researchers believe the program is being used to spy on government entities and institutions worldwide.

Kaspersky reports the program, called MiniDuke, is installed on computers through a PDF exploit in Adobe Reader. Kaspersky’s findings indicate computers were infected through social engineering, with malicious PDFs that were made to look like relevant government information and set up with exploits to attack Adobe Reader 9, 10, and 11.

The exploit allows for the installation of a 20kb downloader that encrypts its communications, then uses Twitter or Google Search without the user’s knowledge, searching for tweets from pre-made accounts or for links that act as the controls for the program, which are downloaded and look like .gif files on the machine.

The announcement adds that, once downloaded to the machine, the malware “can download a larger backdoor that carries out several basic actions, such as copy file, move file, remove file, make directory, kill process, and, of course, download and execute new malware.”

Kaspersky notes the malware backdoor “connects to two servers, one in Panama and one in Turkey, to receive instructions from the attackers,” with 59 unique victims in 23 countries, including the United States, Germany and the United Kingdom. – Rappler.com

 


Victor Barreiro Jr is part of Rappler's Central Desk. An avid patron of role-playing games and science fiction and fantasy shows, he also yearns to do good in the world, and hopes his work with Rappler helps to increase the good that's out there.