2013-02-28: MiniDuke Malware Targets European Governments
Level Three Attack
The malware is said to be written in an older and more compact style, and uses Adobe document vulnerabilities to entrench itself on target systems. It can install backdoors and participate in botnet-style remote control by monitoring Twitter and Google Search for command and control signals.
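The defensive angle on the Twitter/Google command-and-control channel mentioned above is that a backdoor polling a public web service looks very different from a person using it: it runs from a non-browser process and it polls on a fixed schedule. The script below is an added illustration of that detection idea, not code from the original post or from any of the linked reports. It assumes a constructed, space-separated proxy log format (timestamp, client IP, process name, URL), a hypothetical allow-list of browser process names, and arbitrary thresholds for what counts as regular beaconing; all of those are assumptions for the example, not facts about MiniDuke.

```python
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev
from urllib.parse import urlparse

# Constructed sample proxy log (not real traffic): timestamp, client, process, URL.
# 10.0.0.7/svchost.exe polls twitter.com and google.com search every ~10 minutes;
# the browser traffic from 10.0.0.5 is normal user activity.
SAMPLE_LOG = """\
2013-02-28T09:00:00 10.0.0.5 firefox.exe https://twitter.com/home
2013-02-28T09:00:10 10.0.0.7 svchost.exe https://twitter.com/search?q=%23example
2013-02-28T09:05:00 10.0.0.5 chrome.exe https://www.google.com/search?q=lunch
2013-02-28T09:10:10 10.0.0.7 svchost.exe https://twitter.com/search?q=%23example
2013-02-28T09:15:00 10.0.0.9 winword.exe https://twitter.com/search?q=%23example
2013-02-28T09:20:09 10.0.0.7 svchost.exe https://twitter.com/search?q=%23example
2013-02-28T09:30:11 10.0.0.7 svchost.exe https://www.google.com/search?q=example
2013-02-28T09:40:10 10.0.0.7 svchost.exe https://twitter.com/search?q=%23example
"""

# Hypothetical allow-list of processes expected to talk to these services.
BROWSERS = {"firefox.exe", "chrome.exe", "iexplore.exe", "safari.exe"}
# Services the report says the malware polls for command-and-control signals.
WATCHED_HOSTS = {"twitter.com", "www.twitter.com", "google.com", "www.google.com"}

LINE_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


def parse_line(line):
    """Parse one constructed log line into a dict, or return None if malformed."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts, client, proc, url = m.groups()
    return {
        "ts": datetime.fromisoformat(ts),
        "client": client,
        "proc": proc.lower(),
        "host": (urlparse(url).hostname or "").lower(),
    }


def non_browser_hits(lines):
    """Group timestamps of requests to watched hosts by (client, process),
    keeping only processes that are not on the browser allow-list."""
    hits = defaultdict(list)
    for line in lines:
        rec = parse_line(line)
        if rec is None or rec["host"] not in WATCHED_HOSTS:
            continue
        if rec["proc"] in BROWSERS:
            continue
        hits[(rec["client"], rec["proc"])].append(rec["ts"])
    return hits


def beacon_period(timestamps, min_hits=3, max_cv=0.2):
    """Return the mean polling interval in seconds if the requests are regular
    enough to look like beaconing (coefficient of variation of the gaps below
    max_cv), otherwise None. Thresholds are arbitrary choices for this example."""
    if len(timestamps) < min_hits:
        return None
    ts = sorted(timestamps)
    gaps = [(b - a).total_seconds() for a, b in zip(ts, ts[1:])]
    avg = mean(gaps)
    if avg <= 0:
        return None
    if pstdev(gaps) / avg > max_cv:
        return None
    return avg


def find_suspects(log_text):
    """Return one finding per non-browser (client, process) pair that reached a
    watched host, with the hit count and the beacon period (None if irregular)."""
    findings = []
    for (client, proc), stamps in sorted(non_browser_hits(log_text.splitlines()).items()):
        findings.append({
            "client": client,
            "proc": proc,
            "hits": len(stamps),
            "period_s": beacon_period(stamps),
        })
    return findings


if __name__ == "__main__":
    for f in find_suspects(SAMPLE_LOG):
        tag = "BEACON" if f["period_s"] else "one-off"
        print(f"{tag:8} {f['client']} {f['proc']} hits={f['hits']} period={f['period_s']}")
```

The interesting signal here is the combination, not either half alone: a single document-handling process touching twitter.com is a weak lead worth a look, while a service process hitting search endpoints on a steady ten-minute cadence is the shape of an automated command channel. Tuning the allow-list and the regularity threshold to the environment is what keeps the output short.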
Reports indicate that one section of the code contains the value "666", and some theorize that it has biblical or heavy metal overtones. More likely than not, it's just an attempt to be identified as APT666 - you know, for kicks. :)
- The Register: MiniDuke miscreants whip out old-school tricks to spy on world+dog
- SecureList: The MiniDuke Mystery: PDF 0-day Government Spy Assembler 0x29A Micro Backdoor
- TechNewsWorld: MiniDuke Hackers Use Adobe Flaw to Zero In on Euro Governments
- InformationWeek: MiniDuke Espionage Malware Uses Twitter To Infect PCs