While monitoring Earth Lusca, we discovered an intriguing, encrypted file on the threat actor’s server — a Linux-based malware, which appears to originate from the open-source Windows backdoor Trochilus, which we’ve dubbed SprySOCKS due to its swift behavior and SOCKS implementation.
This article has been indexed from Trend Micro Research, News and Perspectives
Read the original article: