Earth Lusca’s Sneaky Moves Unleashes New Linux Backdoor

Threat Level

Actor Report

For a detailed threat advisory, download the pdf file here

Summary

Earth Lusca, a highly sophisticated Chinese threat actor, is believed to have resumed its operations in the first half of 2023. This cyber espionage group utilizes the SprySOCKS backdoor, primarily targeting government departments involved in foreign affairs, technology, and telecommunications.

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.