Chinese APT Earth Lusca Adds SprySOCKS Backdoor to its Arsenal

Sep 20, 2023

While monitoring a campaign by Earth Lusca, researchers stumbled across a Linux malware variant derived from the open-source Windows backdoor Trochilus. Named SprySOCKS, the malware is gaining traction for its agility and SOCKS implementation. Earth Lusca is infamous for targeting government departments and exploiting N-day vulnerabilities.

