
Hackers use MiniDuke malware to attack European governments


Participants work at their laptops at the annual Chaos Computer Club (CCC) computer hackers' congress, called 29C3, on December 28, 2012 in Hamburg, Germany. The 29th Chaos Communication Congress (29C3) attracts hundreds of participants worldwide annually to engage in workshops and lectures discussing the role of technology in society and its future.


Patrick Lux

Hackers have targeted dozens of computer systems at government agencies across Europe in an attack researchers have dubbed MiniDuke.

MiniDuke has infected government computers as recently as this week as it attempts to search for geopolitical intelligence, reported The Guardian. The malware is the latest in a string of cyber attacks targeting governments and high-profile institutions. This time, however, security researchers said there was no indication of who was behind the MiniDuke attacks.

According to Reuters, Russia's Kaspersky Lab and Hungary's Laboratory of Cryptography and System Security (CrySyS) said targets included government computers in the Czech Republic, Ireland, Portugal and Romania, as well as a think tank, research institute and healthcare provider in the US.


The researchers noted that they suspect MiniDuke was designed for espionage, but have yet to find its main goal.

MiniDuke infects computers through PDFs, reported CNet. Hackers have developed convincing fake PDFs and, once one is downloaded, the 20KB exploit takes advantage of flaws in Adobe Reader versions 9, 10 and 11. It has built-in mechanisms that can fool antivirus software and security professionals, and it can open backdoors through GIF files that give hackers access to files, allowing them to move or remove files and make directories.

Kaspersky Lab founder and chief executive Eugene Kaspersky said MiniDuke can be "extremely dangerous" because it is an "elite, old-school" attack completed with modern-day tricks.

"This is a very unusual cyber attack," he told The Guardian. "I remember this style of malicious programming from the end of the 1990s and the beginning of the 2000s. I wonder if these types of malware writers, who have been in hibernation for more than a decade, have suddenly awoken and joined the sophisticated group of threat actors active in the cyber world."