DinodasRAT used against governmental entity in Guayana – Week in security with Tony Anscombe

Cyber Security

Video

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine

This week, ESET researchers released their findings about a cyberespionage campaign that took aim at a Guyanese governmental entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, that can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine. Apart from DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading the researchers to suspect that the campaign is the work of China-aligned operators.

Learn more about the attack in our technical blogpost here:

Operation Jacana: Foundling hobbits in Guyana

Connect with us on FacebookTwitterLinkedInInstagram.

Products You May Like

Articles You May Like

WithSecure Reveals Mass Exploitation of Edge Software and Infrastructure Appliances
WeLiveSecurity wins Best Cybersecurity Vendor Blog award!
Arid Viper poisons Android apps with AridSpy
U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain
Grandoreiro Banking Trojan Hits Brazil as Smishing Scams Surge in Pakistan

Leave a Reply

Your email address will not be published. Required fields are marked *