Threat Intelligence
Guyana government subjected to suspected Chinese cyberespionage campaign
Suspected Chinese hackers have launched a cyberespionage campaign aimed at Guyana government agencies involving the novel data exfiltrating DinodasRAT backdoor and an iteration of the Korplug backdoor tied to Mustang Panda and other China-linked threat operations, according to The Record, a news site by cybersecurity firm Recorded Future.
Malicious network activity first identified in February commenced with the delivery of phishing emails using Guyana's politics as lures that included links, which when clicked facilitated the download of a ZIP file containing DinodasRAT from a hacked Vietnamese government site, a report from ESET showed.
Aside from stealing files, the C++-based remote access trojan also enabled Windows registry key manipulation and command execution.
No further details on the information that may have been compromised were provided but the campaign was noted by researchers to have occurred amid strained relations between Guyana and China, with the former apprehending individuals amid its probe on money laundering schemes involving Chinese firms
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds