Bitdefender Reveals MiniDuke Malware Dated 2011
MiniDuke Authors Likely 'Throwing Up Smoke Screen' to Hide Identity
(firmenpresse) - BUCHAREST, ROMANIA -- (Marketwire) -- 03/04/13 -- A version of MiniDuke -- the cyberspy malware aimed at governments and agencies in Europe and elsewhere -- has been operating for at least 21 months, internet security firm Bitdefender has discovered.
The newly discovered version also raises questions over the malware's origin. One difference is that the 2012 version fetches time from a clock set to Chinese time; the 2011 version fetches the time from a server of the US Department of the Navy.
The MiniDuke sample just discovered by Bitdefender researchers dates back to at least June 20, 2011, predating the oldest know variant -- also discovered by Bitdefender -- by almost a year. Used to steal intelligence from European governments and various institutes worldwide, the 2011 strain was intended to behave the same as the newer ones.
"The discovery of this older MiniDuke malware strain raises questions about the origin of the 2012 samples and the malware as a whole," said Bitdefender Chief Security Strategist Catalin Cosoi. "The switch from a US Navy clock to a Chinese clock suggests the malware's designers are simply throwing up a smoke cloud as to their identity."
Cosoi, said, however, that all versions so far discovered show that MiniDuke was designed for spying. "MiniDuke was clearly designed as a cyber-espionage tool to specifically target key sensitive government data," he said. "This casts a degree of doubt on who designed MiniDuke."
As of today, the newly discovered MiniDuke sample was still seeking encrypted command and control instructions via an active Twitter account, with a single instruction dated February 21st, 2012. The 2011 version does not use Google to search for command and control instructions, but lays dormant if it can't connect to Twitter.
For a more in-depth analysis of the 2011 MiniDuke sample, see the on Bitdefender Labs. Bitdefender's can detect and remove all variants of MiniDuke, including the one from 2011.
Bitdefender is the creator of one of the world's fastest and most effective lines of internationally certified . The company is an industry pioneer, introducing and developing award-winning protection since 2001. Today, Bitdefender technology secures the digital experience of around 400 million home and corporate users across the globe.
Recently, Bitdefender won a series of important awards and accolades in the global security industry, including "Product of the Year" by AV-Comparatives, "Best Repair 2012" by AV-Test, and "Editor's Choice" by PC Mag, that confirmed the 's leadership status among security products. More information about Bitdefender's products is available from the company's security press room. Additionally, Bitdefender publishes the blog, where readers can find stories from the underworld of internet fraud, scams, malicious software -- and gossip.
Contact:
Kyrk Storer
E-mail:
Telephone: 415.905.4012
Themen in dieser Pressemitteilung:
Unternehmensinformation / Kurzprofil:
Datum: 04.03.2013 - 18:43 Uhr
Sprache: Deutsch
News-ID 235680
Anzahl Zeichen: 0
contact information:
Town:
BUCHAREST, ROMANIA
Kategorie:
Internet
Diese Pressemitteilung wurde bisher 304 mal aufgerufen.
Die Pressemitteilung mit dem Titel:
"Bitdefender Reveals MiniDuke Malware Dated 2011"
steht unter der journalistisch-redaktionellen Verantwortung von
Bitdefender (Nachricht senden)
Beachten Sie bitte die weiteren Informationen zum Haftungsauschluß (gemäß TMG - TeleMedianGesetz) und dem Datenschutz (gemäß der DSGVO).
