all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement

Add to bookmarks
w
Sept. 18, 2023, midnight | Joseph C Chen

Trend Micro Simply Security www.rssmix.com

While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation.

actor backdoor cobalt cobalt strike earth earth lusca encrypted file implementation lateral movement linux malware monitoring reports server socks strike swift threat threat actor trend micro research : articles trend micro research : malware trend micro research : research trochilus windows

Visit resource

More from www.rssmix.com / Trend Micro Simply Security

Tr
Trend Micro Collaborated with Interpol in Cracking Down Grandoreiro Banking Trojan 4 days, 7 hours ago | www.rssmix.com
analyze malware banking banking trojan blog +17
Tr
NCSC Says Newer Threats Need Network Defense Strategy 1 week, 3 days ago | www.rssmix.com
defense ncsc network network defense +6
Tr
The Fall of LabHost: Law Enforcement Shuts Down Phishing Service Provider 1 week, 3 days ago | www.rssmix.com
april as-a-service down enforcement +15
Tr
Cybersecurity Decluttered: A Journey to Consolidation 2 weeks, 2 days ago | www.rssmix.com
consolidation cybersecurity far future +10
Tr
Importance of Scanning Files on Uploader Applications 2 weeks, 2 days ago | www.rssmix.com
applications defensive file files +12
Tr
Fileless Attacks Prompt Intel’s Next-Gen Security 2 weeks, 3 days ago | www.rssmix.com
attacks detect detection discover +20
Tr
How Red Team Exercises Increases Your Cyber Health 2 weeks, 3 days ago | www.rssmix.com
counter cyber cyberattacks cyber health +27
Tr
Cyberespionage Group Earth Hundun's Continuous Refinement of Waterbear and Deuterbear 2 weeks, 3 days ago | www.rssmix.com
analysis blog continuous cyberespionage +9
Tr
Why a Cloud Security Platform Approach is Critical 3 weeks, 4 days ago | www.rssmix.com
attack attack surface attack surface management can +20

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations
View on infosec-jobs.com

Associate Compliance Advisor

@ SAP | Budapest, HU, 1031
View on infosec-jobs.com

DevSecOps Engineer

@ Qube Research & Technologies | London
View on infosec-jobs.com

Software Engineer, Security

@ Render | San Francisco, CA or Remote (USA & Canada)
View on infosec-jobs.com

Associate Consultant

@ Control Risks | Frankfurt, Hessen, Germany
View on infosec-jobs.com

Senior Security Engineer

@ Activision Blizzard | Work from Home - CA
View on infosec-jobs.com
View more jobs