New Linux Malware DinodasRAT Gives Hackers Full Control Over Infected Servers
-
Security researchers have observed the Linux variant of the DinodasRAT/XDealer malware compromising Red Hat and Ubuntu systems in an espionage campaign that may have started in 2022.
-
The Linux malware creates persistence on infected systems, tags victims with system details, and communicates with a C2 server to receive commands and exfiltrate data.
-
Main capabilities include monitoring user activities, managing processes, offering attackers a remote shell, and uninstalling itself.
-
Gives attackers complete control over compromised Linux servers to gain and maintain access.
-
Kaspersky has observed victims in China, Taiwan, Turkey and Uzbekistan since October 2023.