"Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries"

A Linux version of "DinodasRAT," a multi-platform backdoor, has been discovered in the wild, with targets including China, Taiwan, Turkey, and Uzbekistan. DinodasRAT, also known as "XDealer," is a malware written in C++ that can gather sensitive information from compromised hosts. In October 2023, a government entity in Guyana was targeted as part of "Operation Jacana," a cyber espionage campaign aimed at deploying the Windows version of the implant. Trend Micro recently detailed a threat activity cluster tracked as "Earth Krahang," which has shifted to using DinodasRAT in attacks against several government entities worldwide since 2023. The use of DinodasRAT has been attributed to different China-nexus threat actors, including "LuoYu," highlighting the tool sharing that is common among hacking crews determined to be acting on behalf of the country. This article continues to discuss new findings regarding the DinodasRAT backdoor.

THN reports "Linux Version of DinodasRAT Spotted in Cyber Attacks Across Several Countries"

Submitted by grigby1