Daily Tech News, Interviews, Reviews and Updates

DinodasRAT Linus variant reportedly overlaps with codes and networking indicators of Windows variant, targeting entities across the world: report

According to the latest reports by Kaspersky, a Linux version of DinodasRAT was discovered in early October 2023. DindoasRAT is also known by the name of XDealer. It is a multi-platform backdoor written in C++.

With the help of DinodasRAT, a threat actor can surveil and harvest sensitive data from a target’s computer. According to earlier reports by ESET researchers, malicious actors used a Windows version of this RAT to attack government entities in Guyana.

According to Kaspersky researchers, the Linux version of DiniodasRAT has been in operation since 2022. The first known Linux variant (V7) dates back to 2021, and it hasn’t been publicly described yet.

The codes and networking indicators of the Linux DinodasRAT variant overlap with the Windows samples described by ESET. They use hardware-specific information to generate a UID instead of user information to manage infections. This implies that the primary aim of DinodasRAT is to gain and maintain access via Linux servers.

The fully functional backdoor on the other hand provides the operator complete control over the infected machine and enables data exfiltration and espionage.

Reports by Kaspersky state that this threat has affected the most in China, Taiwan, Turkey, and Uzbekistan. Researchers have been continuously monitoring this threat since October 2023.

It is to be noted that all Kaspersky products detect this Linux variant as HEUR: Backdoor.Linux.Dinodas.a.

You can check an analysis by Kaspersky, which discusses the technical details of one Linux implant used by attackers here.




Readers like you help support The Tech Outlook. When you make a purchase using links on our site, we may earn an affiliate commission. We cannot guarantee the Product information shown is 100% accurate and we advise you to check the product listing on the original manufacturer website. Thetechoutlook is not responsible for price changes carried out by retailers. The discounted price or deal mentioned in this item was available at the time of writing and may be subject to time restrictions and/or limited unit availability. Amazon and the Amazon logo are trademarks of Amazon.com, Inc. or its affiliates Read More

Advertisement

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More