MiniDuke malware infiltrated UK networks, confirms Kaspersky

28 Feb 2013

The MiniDuke cyber spying tool managed to infect UK networks, according to new information from Kaspersky Labs.

Kaspersky Labs chief security expert Aleks Gostev told V3 that the UK was on the malware's laundry list of victims.

"More than 23 countries are affected and the UK is one of them. We shared all the information we have with national CERTs so that they could continue their own investigations," Gostev told V3.

However, as the UK has no CERT team as yet it is unclear which authority was contacted about the attack. V3 has asked for more information.

MiniDuke is a cyber-espionage tool discovered by Kaspersky and CrySyS Lab that targets government and critical infrastructure systems using malicious PDF documents.

"The attackers would have sent PDF files via email with subject headings including 'human rights seminar' or 'membership plans' which the users would be tempted to open. These files were the carriers of the malware which would then take over the machine," explained Gostev.

The security chief said that the attack has several atypical features that indicate it may have been made by a veteran team of hackers.

"MiniDuke is a unique and very strange attack. The many different targets hit in separate countries, together with the high profile appearance of the decoy documents and the weird backdoor functionality indicate an unusual threat actor," said Gostev.

"The backdoor is written in 'old school' assembly code and is tiny by current malware standards - only 20KB in size. This is most unusual for modern malware, which can be several megabytes in size."

MiniDuke is one of many espionage tools discovered by Kaspersky, which over the last year has helped unearth the hyper-sophisticated Flame and Red October campaigns.

Red October was a global cyber campaign caught targeting numerous European government institutions in January 2013. It is believed to have been created by a criminal group.

Flame was unearthed targeting Iranian government networks midway through 2012. The malware is believed to be state made, possibly by the US and Israel.

Gostev said that while MiniDuke is sophisticated it is not currently believed to be linked to either of these campaigns.

"Some of the elements remind us of cyber-espionage tools such as Duqu or Red October, such as the minimalistic approach, hacked servers, encrypted channels and also the typology of the victims," said Gostev.

"The amount of high profile victims in this attack is also notable and puts it on the same level with other advanced campaigns such as Red October.

"However, it is not related to any known platforms used in cyber-espionage campaigns such as 'Tilded' platform in case of Stuxnet and Duqu or Flame platform."

The attack is just the latest to be uncovered after a raft of attacks on western organisations that are believed to have emanated from China.

Alastair Stevenson

Alastair has worked as a reporter covering security and mobile issues at V3 since March 2012. Before entering the field of journalism Alastair had worked in numerous industries as both a freelance copy writer and artist.
