Threat Intelligence

Guyana government subjected to suspected Chinese cyberespionage campaign

Suspected Chinese hackers have launched a cyberespionage campaign aimed at Guyana government agencies involving the novel data exfiltrating DinodasRAT backdoor and an iteration of the Korplug backdoor tied to Mustang Panda and other China-linked threat operations, according to The Record, a news site by cybersecurity firm Recorded Future. Malicious network activity first identified in February commenced with the delivery of phishing emails using Guyana's politics as lures that included links, which when clicked facilitated the download of a ZIP file containing DinodasRAT from a hacked Vietnamese government site, a report from ESET showed. Aside from stealing files, the C++-based remote access trojan also enabled Windows registry key manipulation and command execution. No further details on the information that may have been compromised were provided but the campaign was noted by researchers to have occurred amid strained relations between Guyana and China, with the former apprehending individuals amid its probe on money laundering schemes involving Chinese firms

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.