Security researchers have discovered a Linux variant of DinodasRAT malware, targeting Red Hat and Ubuntu since 2022.

The malware maintains persistence through a hidden file and manages victim hosts via a command and control server.

DinodasRAT has extensive capabilities, including monitoring activities, executing remote commands, and controlling processes for data exfiltration and espionage.

Affected regions since October 2023 include China, Taiwan, Turkey, and Uzbekistan.

The Linux variant of DinodasRAT is part of a broader espionage effort, with a history of targeting Windows in 'Operation Jacana.'

The 'Earth Krahang' Chinese APT group has exploited XDealer to compromise government systems globally on both Windows and Linux platforms.