A new Linux backdoor known as “SprySOCKS” was used by an espionage-focused Chinese hacker to target government entities in several different nations.
Trend Micro’s study of the novel backdoor revealed that it derives from the Trochilus open-source Windows malware, with many of its features adapted to work on Linux systems.
The SprySOCKS command and control (C2) server communication protocol is similar to that of RedLeaves, a Windows backdoor, so the malware appears to be a mashup of several malware families. The interactive shell’s implementation, however, seems to have been inspired by the Linux malware Derusbi.