Researchers have uncovered a new Linux backdoor, dubbed SprySOCKS, linked to the Chinese government-associated threat group, APT10. The malware, derived from a Windows backdoor named Trochilus, allows for system control, data collection, and file uploads. The discovery suggests the backdoor is still under development, with multiple versions found. The threat actor behind SprySOCKS, named Earth Lusca, primarily targets Asian governments and has interests in espionage and financial gain.
Read more at Ars Technica…