PolyglotDuke

Description

(ESET) Uses Twitter or other websites such as Reddit and Imgur to get its C&C URL. It also relies on steganography in images for its C&C communication.

Names

Name
PolyglotDuke

Category

Malware

Type

• Backdoor

Information

• https://www.welivesecurity.com/2019/10/17/operation-ghost-dukes-never-left/

Mitre Attack

• https://attack.mitre.org/software/S0518/

Malpedia

• https://malpedia.caad.fkie.fraunhofer.de/details/win.polyglotduke

Other Information

Uuid

1321e6bb-5354-4f7e-9e7c-0f9b99ae399e

Last Card Change

2022-12-30