Earth Lusca’s New Surprise: A Fresh Linux Backdoor
- Earth Lusca, a China-linked threat actor, has been spotted targeting government entities with a new Linux backdoor named SprySOCKS.
- Earth Lusca was first observed by cybersecurity firm Trend Micro in January 2022.
- The threat group has targeted both public and private sector entities across Asia, Australia, Europe, North America since being active from 2021.
Just when you thought it was safe to go back to your Linux system, the slippery cyber-eel known as Earth Lusca comes sliding onto the scene! This China-linked threat actor has introduced its newest party no-one-really-wanted-an-invite-to trick: a previously unseen Linux backdoor humorously dubbed SprySOCKS. These SprySOCKS aren’t for keeping your toes warm on a winter night; instead, they might cause your security to catch a chill.
Earth Lusca first slithered into the spotlight in January 2022, when cybersecurity firm Trend Micro began observing its activities. Unlike the lovable monster from Japanese folklore it’s named after, there’s nothing charming about this digital octopus’s reach. This group has been active since 2021, casting its wide net across continents, ensnaring both public and private sector entities across Asia, Australia, Europe, and North America in their mischief.
If Earth Lusca were a startup, it’d be called innovative and disruptive. But in the cybersecurity world, it’s just plain disruptive. So, keep one eye on the horizon, because it seems there are stormy waters ahead.
The threat actor Earth Lusca has served up a fresh Linux backdoor named SprySOCKS, targeting government departments with a scary enthusiasm. Discovered by Trend Micro, this group has been operating since 2021 and targeted entities across Asia, Australia, Europe, and North America. As Earth Lusca continues to demonstrate new tools and tactics, organisations need to stay hot on their toes, even if wearing these “cyber” SprySOCKS might frostbite your safety.
Original Article: https://thehackernews.com/2023/09/earth-luscas-new-sprysocks-linux.html