Chinese hackers linked to the government have deployed a new #Linux #backdoor originating from a Windows backdoor known as Trochilus. The backdoor, named SprySOCKS, combines Trochilus functions with a new SOCKS implementation, allowing for system information collection and remote control of #compromised systems. The #threat actor responsible, Earth Lusca, targets #government organizations primarily in Asia and shows interest in #espionage, as well as financial motives such as #gambling and #cryptocurrency.

https://arstechnica.com/security/2023/09/never-before-seen-linux-backdoor-is-a-windows-malware-knockoff/