The Dukes APT: Systematic cyber espionage in Europe sponsored by Russia

In recent years, various claims have been made that Russia is sponsoring systematic cyber espionage targeting companies and governments in Europe. This time, the Finnish security company “F-Secure” has published a detailed report on this systematic, Russia-sponsored cyber espionage in Europe.

The team from F-Secure has dubbed the threat actors ‘The Dukes’. The Dukes use unique malware tools which allow them to harvest data from compromised hosts. I strongly recommend reading the paper, as it provides a detailed approach to “The Dukes APT”.

The historical timeline of “The Dukes APT”:

  • PinchDuke – 2008 – Chechnya
  • PinchDuke – 2009 – Europe
  • CosmicDuke – 2010 – Caucasus
  • “The Dukes” – 2011 – Austria
    MiniDuke
    CozyDuke
    GeminiDuke
  • CosmicDuke / MiniDuke / OnionDuke – 2011 – Europe
  • CosmicDuke / MiniDuke / OnionDuke – 2013 – Ukraine
  • CozyDuke / MiniDuke / OnionDuke – 2014 – Europe
  • CozyDuke / SeaDuke / HammerDuke / CloudDuke – 2015 – Europe