Dinodasrat

Malware updated a year ago (2024-11-29T14:12:45.408Z)

Download STIX

Preview STIX

DinodasRAT is a malicious software that has been causing significant security concerns worldwide. This malware, which targets both Windows and Linux operating systems, is designed to infiltrate your system and perform harmful activities such as stealing personal information, disrupting operations, or holding data for ransom. The Linux variant of DinodasRAT, in particular, has been gaining attention due to its broad global impact and its unique ability to persist through systemd or SystemV, a feature specific to the Linux operating system. A detailed analysis of DinodasRAT's network communication with its command-and-control (C2) server reveals the extent of its capabilities on an infected machine. Beyond establishing persistence, the malware awaits commands from the C2 server to perform various operations. These operations range from basic system disruptions to more advanced tasks like data theft. Furthermore, there is a high degree of overlap between the features of the Linux backdoor version of DinodasRAT and its Windows counterpart, highlighting the versatility and adaptability of this malware. Recently, DinodasRAT was used in an Advanced Persistent Threat (APT) campaign, indicating its growing use in large-scale cyber attacks. Both the Windows and Linux versions were employed in this campaign, according to a report by Trend Micro. The widespread targeting and multifaceted functionality of DinodasRAT underscore the increasing threat it poses to users globally, calling for heightened vigilance and improved cybersecurity measures.

Description last updated: 2024-08-13T15:16:29.671Z

What's your take? (Question 1 of 5)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Aliases We are not currently tracking any aliases

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Backdoor

Windows

Linux

Encryption

Malware

Phishing

Implant

Eset

Reconnaissance

Ubuntu Linux

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Associated Malware

To see the evidence that has resulted in these malware associations, create a free account

Alias Description	Association Type	Votes
The Korplug Malware is associated with Dinodasrat. Korplug, also known as PlugX, is a type of malware developed and utilized by the China-aligned Advanced Persistent Threat (APT) group, Mustang Panda. This malicious software is designed to infiltrate computer systems without detection, often through suspicious downloads, emails, or websites. Once in	Unspecified	3

Associated Threat Actors

To see the evidence that has resulted in these threatActor associations, create a free account

Alias Description	Association Type	Votes
The Earth Krahang Threat Actor is associated with Dinodasrat. Earth Krahang is a threat actor, a term used in cybersecurity to describe an entity responsible for malicious activities. This could be an individual, a private company, or even a government organization. In the world of cybersecurity, unique names are often given to these actors to differentiate th	Unspecified	3

Source Document References

Information about the Dinodasrat Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
Securelist	a year ago	Kaspersky report on APT trends in Q2 2024
Securityaffairs	a year ago	SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Securityaffairs	a year ago	security-affairs-malware-newsletter-round-5
Securityaffairs	a year ago	Security Affairs Malware Newsletter - Round 3
Securityaffairs	a year ago	Security Affairs Malware Newsletter - Round 3
Securityaffairs	a year ago	Security Affairs Malware Newsletter - Round 2
Securityaffairs	a year ago	Security Affairs Malware Newsletter - Round 1
Securityaffairs	a year ago	Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	a year ago	Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	a year ago	Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Securelist	a year ago	Malware report Q1 2024 – quarter review
Securityaffairs	a year ago	Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs	a year ago	Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
CERT-EU	2 years ago	'Operation Jacana' Reveals DinodasRAT Custom Backdoor
CERT-EU	2 years ago	Guyana government subjected to suspected Chinese cyberespionage campaign
Securityaffairs	2 years ago	Security Affairs newsletter Round 466 by Pierluigi Paganini
Securityaffairs	2 years ago	Security Affairs newsletter Round 465 by Pierluigi Paganini
Checkpoint	2 years ago	1st April – Threat Intelligence Report - Check Point Research
Checkpoint	2 years ago	Malware Spotlight: Linodas aka DinodasRAT for Linux - Check Point Research
Securityaffairs	2 years ago	Earth Krahang APT breached tens of government orgs worldwide