Researchers have uncovered evidence which suggests the MiniDuke APT infection was launched as early as 2011.
Security firm Bitdefender said that its analysis of MiniDuke found that the malware has been circulating in various forms since December of 2011 and has been using sophisticated and specially-targeted attack techniques to infect government agencies.
According to researchers, the first samples of the malware exploited vulnerabilities disclosed late in 2011 and carried slight variations from the later samples, including the use of a clock system hosted in the US rather than a Chinese clock used in later builds.
MiniDuke, which was first discovered infecting systems last month, has been notorious for its rapid and deep spread among government systems. Researchers believe that nearly two dozen government agencies, including those within the UK, have been compromised by the APT.
Part of the effectiveness of MiniDuke, say researchers, is the malware's use of highly targeted and believable social engineering techniques. In a sample of the malware dating back to the summer of 2012, researchers found that the attack file poses as an invitation to a phony industry conference.
In addition to using authentic images and language, the file further vouches for authenticity by including valid and current contact details for other industry contacts, suggesting the attackers fine-tuned the files for certain targets.
Additionally, the APT's operators kept their scheme under the radar by using password protections on the attachment, which would be included only when the email was sent to the targeted individual, minimising the chance that a third-party researcher or non-target could uncover the attack.
"There was much research and thought which went into creating this fake. Even just getting the contact details of the people involved can’t have been an easy task," wrote Bitdefender researcher Marius Tivadar.
"As to how the attackers managed to convincingly impersonate or indeed compromise the purported senders' email server, we are not sure yet."