Strange malware from 2013 propagated via fake Ukraine-related documents

Over a year ago, security firm Kaspersky published its findings on a new strain of malware it dubbed “MiniDuke." Now, new analysis shows that the malware was distributed via a number of fake PDF attachments relating to Ukraine, among other decoys.

“This is interesting considering the current crisis in the area,” Mikko Hypponen, the CTO of security research firm F-Secure, wrote on Tuesday.

As Ars previously reported, MiniDuke combined older and newer styles: it was written in assembly language, which rendered its file size tiny, and it uses hijacked Twitter accounts and automated Google searches to ensure that it can receive continuous instructions.

Read 5 remaining paragraphs | Comments