Yet another APT of the ‘Dukes family’ is hitting high-profile targets, including the US government office. This time it’s CozyDuke in honor of the video it employs as a decoy.
The attack is notably sophisticated, including encrypted components, anti-detection capabilities and a fairly well-developed set of malware components that feature structural similarities with the earlier MiniDuke, CosmicDuke, and OnionDuke threats. Office Monkeys are dangerous! This attack’s initial penetration method is based entirely on social engineering techniques. And, unfortunately, it is quite a successful approach for many targeted attacks.