Pierluigi Paganini September 17, 2015
The DUKES APT – 7 years of Russian state sponsored hacking

F-Secure has published an interesting report on the cyber espionage operations conducted by the Dukes APT group, which appears linked to the Kremlin. Security researchers at F-Secure have published an interesting report detailing the cyber espionage operation of a Russian APT group, dubbed the Dukes; the experts speculate the group is backed by the Russian government. […]

Pierluigi Paganini July 14, 2015
Seaduke, another weapon in the Duke arsenal

Security researchers at Symantec have analyzed Seaduke, a sophisticated Trojan used by threat actors behind the “Duke” malware family. Security experts at Symantec have analyzed Trojan.Seaduke, malware that was used by the APT group behind the Duke espionage campaigns that targeted numerous government organizations worldwide. Seaduke has many similarities with other […]

Pierluigi Paganini April 23, 2015
The CozyDuke, the last Russian APT group

Kaspersky Lab discovered another APT group dubbed CozyDuke which is believed to have hacked the US Department of State and the White House. Experts at Kaspersky Lab have uncovered a new advanced persistent threat (APT) dubbed CozyDuke that targeted several high-profile organizations in the second half of 2014. Kaspersky experts have published an interesting blog post that includes […]

Pierluigi Paganini January 12, 2015
MiniDuke, CosmicDuke and OnionDuke have a same matrix

Security experts collected further evidence of the link between the CosmicDuke, MiniDuke and OnionDuke Advanced Persistent Threat campaigns. Researchers at F-Secure are constantly monitoring the cyber espionage campaigns MiniDuke, CosmicDuke and OnionDuke and provided an interesting update on the hacking operation. Below is a short description of the campaigns: MiniDuke: Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security, or CrySyS, […]

Pierluigi Paganini November 16, 2014
OnionDuke: APT Attacks exploited the Tor Network

Experts at F-Secure discovered a link between the crew operating a rogue Tor node used to spread OnionDuke malware and the MiniDuke APT. A few weeks ago the security researcher Josh Pitts of Leviathan Security Group identified a Russian Tor exit node that is patching the binaries downloaded by users with malware. The researcher informed officials […]

Pierluigi Paganini July 03, 2014
CosmicDuke malware surprisingly linked to Miniduke campaign

While investigating the MiniDuke malware, experts at F-Secure discovered a surprising link to a new malware, dubbed CosmicDuke, belonging to the Cosmu family. In early 2013, experts at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS) uncovered a cyber espionage campaign dubbed MiniDuke which targeted dozens of computers at government agencies across Europe. The hackers exploited a […]

Pierluigi Paganini April 03, 2014
F-Secure has discovered MiniDuke malware samples in the wild

Security experts at F-Secure discovered a collection of PDF documents that had references to Ukraine and contained MiniDuke malware samples. MiniDuke is the name of a sophisticated cyber espionage campaign discovered more than one year ago by experts at Kaspersky Lab and Hungary’s Laboratory of Cryptography and System Security (CrySyS). The malicious code was used by unknown hackers to […]

Pierluigi Paganini February 28, 2013
MiniDuke hackers target European governments and researchers

It’s a very difficult period for security researchers, who in the last months have discovered various cyber espionage campaigns that hit governments, private businesses and intelligence agencies all over the world. The situation is very concerning: cyber threats silently attack the above institutions to steal sensitive information and intellectual property, causing damage comparable to those […]