DinodasRAT used against government entity in Guyana – Security Week with Tony Anscombe

esteria.white

Video

The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands capable of performing various actions on a victim’s machine.

This week, ESET researchers published their findings on a cyberespionage campaign targeting a Guyanese government entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, capable of exfiltrating files, manipulating Windows registry keys, and executing commands that perform various actions on a victim’s machine. Besides DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading researchers to suspect that the campaign is the work of China-aligned operators.

Learn more about the attack in our technical blog post here:

Operation Jacana: Hobbits found in Guyana
