Earth Lusca Employs New Linux Backdoor, Uses Cobalt Strike for Lateral Movement
Trend Micro Simply Security
2023-09-18 08:00:00
While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor's server: a Linux-based malware that appears to originate from the open-source Windows backdoor Trochilus. We've dubbed it SprySOCKS due to its swift behavior and SOCKS implementation.