MiniDuke
MiniDuke is a highly customizable malware platform that was uncovered by Kaspersky Lab in February 2013. The malware may have been developed as early as 2010. According to Eugene Kaspersky, MiniDuke malware is unique in that it resembles more complex old school malware; in fact, many of its components are written in Assembly, a complex low-level programming language. This could indicate that the Russian authors behind MiniDuke have significant experience in the field and its Preferred attack vector is social engineering. The initial MiniDuke campaign compromised government institutions in Ukraine, Belgium, Portugal, Romania, the Czech Republic, and Ireland. Additionally, a research institute, two think tanks, and a healthcare provider were compromised in the United States, as well as a research foundation in Hungary. Victims were targeted with spear phishing emails containing malicious PDF files. If opened, the malicious attachments exploited a zero-day vulnerability and dropped a small downloader (20kb) onto the victim system.
OLDSCHOOLMALWARE















