DinodasRAT used against governmental entity in Guayana – Week in security with Tony Anscombe

Cyber Security

Video

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine

This week, ESET researchers released their findings about a cyberespionage campaign that took aim at a Guyanese governmental entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, that can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine. Apart from DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading the researchers to suspect that the campaign is the work of China-aligned operators.

Learn more about the attack in our technical blogpost here:

Operation Jacana: Foundling hobbits in Guyana

Connect with us on FacebookTwitterLinkedInInstagram.

Products You May Like

Articles You May Like

Spyware Vendors’ Nebulous Ecosystem Helps Them Evade Sanctions
US Government Set Out to Improve Internet Routing Security
RansomHub Ransomware Group Targets 210 Victims Across Critical Sectors
Chinese-Speaking Hacker Group Targets Human Rights Studies in Middle East
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus

Leave a Reply

Your email address will not be published. Required fields are marked *