Utopia Tech
Security · AI-assisted · 1 min read

SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection

FishMonger, a China-linked threat actor, has deployed a previously undocumented Windows variant of the SprySOCKS backdoor that leverages kernel drivers to evade detection. The malware campaign has targeted government entities across Honduras, Taiwan, Thailand, and Pakistan, representing a significant evolution from the original Linux-based version.

Utopia Tech

June 16, 2026 · 1 min read

FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.

Originally published at darkreading.com
