Priya Patel
TLDR:
- A Linux version of the DinodasRAT backdoor malware has been detected targeting several countries.
- It is primarily designed to gain and maintain access via Linux servers for data exfiltration and espionage.
A Linux version of the multi-platform backdoor malware DinodasRAT has been identified by Kaspersky targeting countries like China, Taiwan, Turkey, and Uzbekistan. This C++-based malware is capable of harvesting sensitive data from compromised hosts. The malware was initially discovered in October 2023, with evidence of its first variant dating back to 2021. DinodasRAT is designed to target Red Hat-based distributions and Ubuntu Linux. It establishes persistence on the host and contacts a remote server to fetch commands to run. This backdoor grants operators complete control over infected machines, enabling data exfiltration and espionage. The malware evades detection using encryption techniques and is used by threat actors from China for cyber espionage activities.
