DinodasRAT used against governmental entity in Guayana – Week in security with Tony Anscombe

Cyber Security

Video

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine

This week, ESET researchers released their findings about a cyberespionage campaign that took aim at a Guyanese governmental entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, that can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine. Apart from DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading the researchers to suspect that the campaign is the work of China-aligned operators.

Learn more about the attack in our technical blogpost here:

Operation Jacana: Foundling hobbits in Guyana

Connect with us on FacebookTwitterLinkedInInstagram.

Products You May Like

Leave a Reply

Your email address will not be published. Required fields are marked *