All malware is bad, but some malware is more insidious than others. That seems to be the case with CosmicDuke. According to a new white paper from F-Secure, CosmicDuke meshes elements of two notorious malware threats—MiniDuke and Cosmu—to form a potent new attack.
MiniDuke is an APT (advanced persistent threat) Trojan that was uncovered in early 2013. It was used in targeted attacks against NATO and various European government agencies.
According to a blog post from F-Secure, researchers found a variant in April of this year that used some of the same code as Cosmu, malware known for stealing sensitive information. The resulting threat combines the loader from MiniDuke with the payload from Cosmu, creating an APT Trojan, which F-Secure dubbed CosmicDuke, designed to steal sensitive login information.