HackRead

Dino Malware exposed: Found Spying on Iran and Syria

July 1st, 2015, by Waqas, in Malware

Links traced to the “Animal Farm” group and state-sponsored cyber criminals who already targeted Syrian and Iranian computers in 2013.

Researchers at ESET, a security firm based in Bratislava, Slovakia, have identified a very sophisticated Trojan that attacked Iranian and Syrian subjects in 2013, while rumor has it that the group behind it is a secret wing of the French intelligence service.

The Trojan has been named Dino because it was supposedly created by the so-called Animal Farm Group, which also created other Trojans like Bunny, Casper and Babar. Casper malware’s claim to fame is that it was involved in a large-scale attack on computer systems in Syria last fall.

ESET claims that “Dino’s main goal seems to be the exfiltration of files from its targets”.

In a blog post from ESET researcher Joan Calvet, Dino malware was described as,

“An elaborate backdoor built in a modular fashion. We believe this malicious software has been developed by the Animal Farm espionage group, who also created the infamous Casper, Bunny and Babar malware.”

Calvet further added that “the amount of shared code between Dino and known Animal Farm malware leaves very little doubt that Dino belongs to Animal Farm’s Arsenal.”

Dino malware was recently mentioned by researchers at Kaspersky as well, and they described it as a “full featured espionage platform that comes with ‘fabriqué en France’ stamp on it.”

According to Kaspersky, Dino is distributed by a malware package called Tafacalou. The vast majority of Tafacalou victims have been in Syria, Iran, and Malaysia—with the US and China trailing far behind.

The analysis of Dino’s code was based on a sample that infected Iranian computer systems in 2013.

Joan Calvet writes that “Among its technical innovations, there is a custom file system to execute commands in a stealthy fashion, and a complex task scheduling module working in a similar way to the ‘cron’ Unix command. Interestingly, the binary contains a lot of verbose error messages, allowing us to see Dino’s developers’ choice of wording. Also, Dino contains interesting technical features, and also a few hints that the developers are French speaking.”

It is apparent that Dino shares quite a few of its attributes with the “Animal Farm” malware family, and it can be termed an improvised version of the techniques of “Babar,” which was the intelligence-gathering software implant of the previous generation.

Source and more coverage: ESET (http://www.welivesecurity.com/2015/06/30/dino-spying-malware-analyzed/)

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.