Network Security, Malware, Threat Intelligence

DinodasRAT Linux malware leveraged in global cyberattacks

Closeup of a mobile phone screen with logo lettering of linux on computer keyboard

China, Turkey, Taiwan, and Uzbekistan have been targeted with attacks deploying a Linux variant of the C++-based DinodosRAT malware since October, according to The Hacker News.

Aside from conducting file operations and command-and-control address modifications, DinodasRAT has also been enabling running process enumeration and termination, shell command execution, updated backdoor downloads, and self-uninstallation while leveraging the Tiny Encryption Algorithm to conceal malicious activity, a report from Kaspersky revealed.

"DinodasRAT's primary use case is to gain and maintain access via Linux servers rather than reconnaissance. The backdoor is fully functional, granting the operator complete control over the infected machine, enabling data exfiltration and espionage," said Kaspersky.

Such findings come after global attacks with DinodasRAT were reported to have been conducted by China-linked advanced persistent threat operation Earth Krahang against numerous government organizations. Intrusions with the Windows version of DinodasRAT had also been launched against a Guyana-based government entity in October, according to ESET.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.