‘Operation Jacana’ Reveals DinodasRAT Custom Backdoor

A new malware threat called “DinodasRAT” has been discovered after being used in a cyber-espionage attack on a governmental body in Guyana. Named by ESET researchers as “Operation Jacana”, the attack started with spear-phishing emails discussing recent developments in Guyanese politics. The researchers have tentatively linked the attack to Chinese state-sponsored cyberattackers and suggest that it may be connected to issues in Sino-Guyanese diplomacy. The malware is used to steal files, manipulate Windows registry keys, and execute commands.