Dinodasrat

Malware updated 23 days ago (2024-11-29T14:12:45.408Z)
Download STIX
Preview STIX
DinodasRAT is a malicious software that has been causing significant security concerns worldwide. This malware, which targets both Windows and Linux operating systems, is designed to infiltrate your system and perform harmful activities such as stealing personal information, disrupting operations, or holding data for ransom. The Linux variant of DinodasRAT, in particular, has been gaining attention due to its broad global impact and its unique ability to persist through systemd or SystemV, a feature specific to the Linux operating system. A detailed analysis of DinodasRAT's network communication with its command-and-control (C2) server reveals the extent of its capabilities on an infected machine. Beyond establishing persistence, the malware awaits commands from the C2 server to perform various operations. These operations range from basic system disruptions to more advanced tasks like data theft. Furthermore, there is a high degree of overlap between the features of the Linux backdoor version of DinodasRAT and its Windows counterpart, highlighting the versatility and adaptability of this malware. Recently, DinodasRAT was used in an Advanced Persistent Threat (APT) campaign, indicating its growing use in large-scale cyber attacks. Both the Windows and Linux versions were employed in this campaign, according to a report by Trend Micro. The widespread targeting and multifaceted functionality of DinodasRAT underscore the increasing threat it poses to users globally, calling for heightened vigilance and improved cybersecurity measures.
Description last updated: 2024-08-13T15:16:29.671Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Backdoor
Windows
Linux
Encryption
Malware
Phishing
Implant
Eset
Reconnaissance
Ubuntu Linux
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The Korplug Malware is associated with Dinodasrat. Korplug, also known as PlugX, is a type of malware developed and utilized by the China-aligned Advanced Persistent Threat (APT) group, Mustang Panda. This malicious software is designed to infiltrate computer systems without detection, often through suspicious downloads, emails, or websites. Once inUnspecified
3
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Earth Krahang Threat Actor is associated with Dinodasrat. Earth Krahang is a threat actor, a term used in cybersecurity to describe an entity responsible for malicious activities. This could be an individual, a private company, or even a government organization. In the world of cybersecurity, unique names are often given to these actors to differentiate thUnspecified
3
Source Document References
Information about the Dinodasrat Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securelist
4 months ago
Securityaffairs
4 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securelist
7 months ago
Securityaffairs
7 months ago
Securityaffairs
8 months ago
CERT-EU
a year ago
CERT-EU
a year ago
Securityaffairs
8 months ago
Securityaffairs
9 months ago
Checkpoint
9 months ago
Checkpoint
9 months ago
Securityaffairs
9 months ago