|
Title: Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement Post by: HCK on October 16, 2023, 04:05:22 pm Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we've dubbed SprySOCKS due to its swift behavior and SOCKS implementation. Source: Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement (https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html) |