Romanian Intelligence Service: MiniDuke cyber attack could be state sponsored, greater impact than Red October
The new malware was designed to collect confidential information from government websites and used a PDF format to send the virus, according to Kaspersky Lab Romania. The new malicious program, called MiniDuke, is “highly specialized” and was recently used to attack governments and institutions around the world. Kaspersky Lab investigations found that MiniDuke had compromised government agencies in Ukraine, Belgium, Portugal, Czech Republic and Ireland, as well as Romania. An unnamed research institute, two think-tanks and a healthcare provider in the US and a “well-known research institute” in Hungary were reportedly also compromised.
Romania's SRI is working together with the country's Special Telecommunication Service (STS) and the National Response Center to Cybernetic Security Incidents (CERT-RO) to find out all the affected entities in Romania and to stop the attack, according to Sorin Sava, the SRI spokesman, quoted by Mediafax.
Reports suggest that the malware looks very credible and mimics a PDF presentation on human rights, and once installed on the victim's computer, gains access to classified geopolitical information. So far, the IPs of institutions and foreign embassies in Bucharest were targeted, according to Romanian media.
editor@romania-insider.com
(photo source: sxc.hu)