DinodasRAT Linux Malware Cybersecurity Backdoor

Unveiling the New Linux Version of DinodasRAT: A Threat to Cybersecurity

Discover the latest threat posed by the new Linux version of DinodasRAT, a multi-platform backdoor allowing malicious actors to surveil and harvest sensitive data. Learn about its targets, persistence methods, communication protocols, and affected regions.
Unveiling the New Linux Version of DinodasRAT: A Threat to Cybersecurity

New Linux Version of DinodasRAT Discovered

In a recent discovery by Kaspersky, a new Linux version of DinodasRAT, also known as XDealer, has been identified. This multi-platform backdoor poses a significant threat as it allows malicious actors to surveil and harvest sensitive data from a target’s computer.

When executed, the Linux version of DinodasRAT targets Red Hat-based distributions and Ubuntu Linux. To ensure stealth, it creates a hidden file in the same directory as the executable, allowing only one instance to run at a time. The backdoor establishes persistence by launching itself as a daemon and installing a suitable init script for either Systemd or SystemV.

Before connecting to the C2 server, the backdoor collects information about the infected machine and infection time to create a unique identifier. This identifier includes the date of infection, MD5 hash of the dmidecode command output, a randomly generated number as ID, and the backdoor version. Notably, user-specific data is not collected to generate this UID.

The communication with the C2 server is done using TCP or UDP, with the C2 domain and port hard-coded into the binary. DinodasRAT utilizes Pidgin’s libqq qq_crypt library functions for encryption and decryption of communication between the implant and the C2, as well as data encryption.

The infrastructure supporting the Linux versions of DinodasRAT was found to be operational at the time of analysis. Countries and territories most affected by this threat include China, Taiwan, Turkey, and Uzbekistan.

For more information on backdoors, DinodasRAT, Linux, malware, and related topics, refer to the glossary provided by Securelist. Stay informed and protected against evolving cyber threats.

With a love for unraveling complex tech puzzles, our meticulous journalist at NixOSPro sifts through mountains of information to bring you the latest Nix and NixOS tips. When not glued to a computer screen, you can find them exploring new vegan recipes and dabbling in urban gardening.

Stories from Around the Web

Wendy\U00002019s Partners with PAR Technology: A Leap into the Future of Customer Loyalty
EMA

Wendy\U00002019s Partners with PAR Technology: A Leap into the Future of Customer Loyalty

Arne Slot Joins Liverpool: Can He Defy the Dutch Managerial Odds in the Premier League?
Premier League Pulse

Arne Slot Joins Liverpool: Can He Defy the Dutch Managerial Odds in the Premier League?

Unleashing Creativity: Join Teen Tech Night and Discover the Future of Technology
EMA

Unleashing Creativity: Join Teen Tech Night and Discover the Future of Technology

Arne Slot: Liverpool's New Era Begins with a Dutch Touch
Premier League Pulse

Arne Slot: Liverpool's New Era Begins with a Dutch Touch

Pioneering Advances in Cancer Detection and Treatment: Texas Engineers Receive Major Grants
EMA

Pioneering Advances in Cancer Detection and Treatment: Texas Engineers Receive Major Grants

Arne Slot Takes Charge: The Next Chapter for Dutch Managers in the Premier League
Premier League Pulse

Arne Slot Takes Charge: The Next Chapter for Dutch Managers in the Premier League

Revolutionizing Cancer Care: New Tech for Early Detection and Treatment
EMA

Revolutionizing Cancer Care: New Tech for Early Detection and Treatment

Spurs Set to Pursue Eberechi Eze: A Game-Changer for Tottenham?
Premier League Pulse

Spurs Set to Pursue Eberechi Eze: A Game-Changer for Tottenham?

Revolutionizing Linux Graphics: Xe and PowerVR Drivers Take Center Stage
Older post

Revolutionizing Linux Graphics: Xe and PowerVR Drivers Take Center Stage

Newer post

How to Use Pass: A Text-Based Password Manager for Linux

How to Use Pass: A Text-Based Password Manager for Linux

Related

View all
Windows Update Wreaks Havoc on Linux Dual Boot: Here's the Fix
Linux Windows Dual Boot Secure Boot Microsoft

Windows Update Wreaks Havoc on Linux Dual Boot: Here's the Fix

By Lily Samson
Intel Microcode Vulnerabilities: A Growing Concern for Linux Users
Intel Microcode Linux Ubuntu Security Vulnerabilities Updates

Intel Microcode Vulnerabilities: A Growing Concern for Linux Users

By Lily Samson
Unveiling StealthGuardian: The Game-Changing Tool for Red Teams
Red Teaming StealthGuardian Cybersecurity Security Posture Tactics Techniques and Procedures (TTPs)

Unveiling StealthGuardian: The Game-Changing Tool for Red Teams

By Kate Monroe
The Linux Security Threat: A Concern for the Open-Source Community
Linux Security Disinformation Community

The Linux Security Threat: A Concern for the Open-Source Community

By Ethan Reynolds