"Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack"

A government entity in Guyana has been targeted as part of Operation Jacana, a cyber espionage campaign. The activity, discovered by ESET in February 2023, involved a spear-phishing attack that resulted in the launch of a previously undocumented C++ implant called DinodasRAT. The cybersecurity company noted that it could link the intrusion to a known threat actor or group, but attributed with medium confidence to China-nexus adversary due to the use of PlugX, also known as Korplug, a Remote Access Trojan (RAT) commonly used by Chinese hacking groups. According to ESET, the threat actors behind this campaign assembled their emails specifically to lure their chosen victim organization. After compromising an initial but limited number of machines with DinodasRAT, the operators breached the target's internal network and re-implemented this backdoor. This article continues to discuss the Operation Jacana cyber espionage campaign targeting a government entity in Guyana.

THN reports "Guyana Governmental Entity Hit by DinodasRAT in Cyber Espionage Attack"

Submitted by grigby1