MiniDuke Variant, 'CosmicDuke,' Aimed at New Targets
08 Jul 2014
SC Magazine, By Marcos Colon
A variant of espionage malware that plagued government entities and other organizations across the globe has returned with a new toolset and a different set of victims.
MiniDuke, customized malware that previously took advantage of a patched Adobe Reader vulnerability, has been discovered by Kaspersky researchers to once again be active, only now attackers have created a variant of the malware.
Dubbed “CosmicDuke” or “TinyBaron,” the new backdoor is likely spread as an exploit attachment via spearphishing and spoofs popular applications such as Java, Google, and Adobe – mimicking attributes such as file size, information, and icons, Kurt Baumgartner, principal security researcher at Kaspersky Lab, told SCMagazine.com in an email correspondence. Read more.