This week, ESET researchers released their findings about a cyberespionage campaign that took aim at a Guyanese governmental entity. Named Operation Jacana by ESET, the campaign deployed a previously undocumented backdoor, DinodasRAT, that can exfiltrate files, manipulate Windows registry keys, and execute commands that are capable of performing various actions on a victim’s machine. Apart from DinodasRAT, the attackers also deployed a variant of Korplug (PlugX), leading the researchers to suspect that the campaign is the work of China-aligned operators.
Learn more about the attack in our technical blogpost here:
Operation Jacana: Foundling hobbits in Guyana