CosmicDuke

Malware updated 4 months ago (2024-05-04T18:09:27.415Z)
CosmicDuke is a type of malware that is designed to exploit and damage computers or devices. It is believed to have been developed by the same APT group responsible for other attacks such as CozyDuke and MiniDuke. CosmicDuke was first discovered in 2014 and shares certain similarities with the old MiniDuke implants. The original MiniDuke group is thought to have switched to the CosmicDuke implant around 2014, suggesting that the two groups were initially connected. However, it appears that they parted ways at some point. Despite this, the similarities between the two implants suggest that they may still share some common code or development techniques. Like other APT groups, the developers of CosmicDuke use sophisticated techniques to evade detection and maintain persistence on compromised systems. This can make it difficult for victims to detect and remove the malware, making it a serious threat to organizations and individuals alike.
Description last updated: 2023-06-23T17:26:16.500Z
Aliases
We are not currently tracking any aliases
Source Document References
Information about the CosmicDuke Malware was read from the documents corpus below.
Source | Created | Title
MITRE | 2 years ago | Sofacy APT hits high profile targets with updated toolset
MITRE | 2 years ago | A Slice of 2017 Sofacy Activity
MITRE | 2 years ago | Minidionis – one more APT with a usage of cloud drives