Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
Malware Analysis, News and Indicators - Latest topics malware.news
While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware that appears to originate from the open-source Windows backdoor Trochilus. We’ve dubbed it SprySOCKS due to its swift behavior and SOCKS implementation.