DinodasRAT used against governmental entity in Guayana – Week in security with Tony Anscombe

by admin 0 Comments

Cyber Security
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Video

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine

06 Oct 2023

This week, ESET researchers released their findings about a cyberespionage campaign that took aim at a Guyanese governmental entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, that can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine. Apart from DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading the researchers to suspect that the campaign is the work of China-aligned operators.

Learn more about the attack in our technical blogpost here:

Operation Jacana: Foundling hobbits in Guyana

Connect with us on FacebookTwitterLinkedInInstagram.

This article was originally published by Welivesecurity.com. Read the original article here.
Share on Facebook
Share on Twitter
Share on Pinterest
Share on LinkedIn

Products You May Like

Articles You May Like

ESET Research Podcast: HotPage
BlackByte Adopts New Tactics, Targets ESXi Hypervisors
Hacktivists Exploits WinRAR Vulnerability in Attacks Against Russia and Belarus
PyPI Revival Hijack Puts Thousands of Applications at Risk
SonicWall Urges Users to Patch Critical Firewall Flaw Amid Possible Exploitation

Leave a Reply

Your email address will not be published. Required fields are marked *