Video
The backdoor can exfiltrate files, manipulate Windows registry keys, and execute commands capable of performing various actions on a victim’s machine.
October 06, 2023
This week, ESET researchers published their findings on a cyberespionage campaign targeting a Guyanese government entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, capable of exfiltrating files, manipulating Windows registry keys, and running commands capable of performing various actions on the machine of a victim. Besides DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading researchers to suspect that the campaign is the work of China-aligned operators.
Learn more about the attack in our technical blog post here:
Operation Jacana: Hobbits found in Guyana