Sprysocks

Malware updated 4 months ago (2024-06-30T14:44:15.634Z)
Download STIX
Preview STIX
SprySOCKS is a new strain of malware that has recently been added to the arsenal of Earth Lusca, an advanced persistent threat (APT) group known for its sophisticated cyberattacks. Malware, short for malicious software, is designed to exploit and damage computers or devices without the user's knowledge. SprySOCKS specifically targets Linux systems, infiltrating them through suspicious downloads, emails, or websites, and once inside, it can steal personal information, disrupt operations, or even hold data hostage for ransom. The discovery of SprySOCKS was first reported in October 2020 on the Security Affairs website. The report detailed how Earth Lusca used this backdoor malware to gain unauthorized access to Linux systems. This marked a significant expansion of Earth Lusca's capabilities, as the group had previously been associated with other forms of cyber threats but not specifically with Linux-targeting malware. Since its discovery, SprySOCKS has posed a considerable threat to Linux systems worldwide. It is a clear demonstration of Earth Lusca's evolving tactics and increasing sophistication in cyber warfare. Cybersecurity experts recommend users to maintain up-to-date security measures, avoid suspicious downloads, and regularly monitor their systems for any signs of intrusion to mitigate the risk of falling victim to such attacks.
Description last updated: 2024-06-30T13:23:30.849Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Linux
Malware
Windows
Backdoor
Loader
Payload
Injector
Espionage
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
Alias DescriptionAssociation TypeVotes
The RedLeaves Malware is associated with Sprysocks. RedLeaves is a malicious software (malware) that has been utilized in cyber espionage campaigns for over five years, as reported by Trend Micro. This malware, which is known to infect Windows machines, operates as a remote access trojan (RAT), enabling unauthorized access and control over infected sUnspecified
4
The Derusbi Malware is associated with Sprysocks. Derusbi is a sophisticated malware family known for its ability to target both Linux and Windows systems. It has been predominantly associated with Chinese cyber espionage operations since 2008, making it a significant concern in the realm of cybersecurity. The malware primarily functions as a tool Unspecified
2
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The Earth Lusca Threat Actor is associated with Sprysocks. Earth Lusca, a threat actor believed to be part of the China-backed Winnti collective, has been active since at least 2019 and is known for its cyber-espionage activities. The group primarily targets government organizations in Asia, Latin America, and other regions. Recently, it has expanded its arUnspecified
6
Source Document References
Information about the Sprysocks Malware was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securityaffairs
3 months ago
Securityaffairs
3 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
4 months ago
Securityaffairs
5 months ago
Securityaffairs
5 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
6 months ago
Securityaffairs
7 months ago
Securityaffairs
7 months ago
Securityaffairs
7 months ago
Securityaffairs
8 months ago
Trend Micro
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago
Securityaffairs
8 months ago