[Intel]: https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html - Githubissues

timb-machine / linux-malware

Tracking interesting Linux (and UNIX) malware. Send PRs

The Unlicense

1.1k stars 91 forks source link

[Intel]: https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html #789

Open timb-machine opened 6 months ago

timb-machine commented 6 months ago

Area

Malware reports

Parent threat

Defense Evasion, Discovery, Command and Control

Finding

https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html

Industry reference

attack:T1090:Proxy uses:ProcessTreeSpoofing attack:T1027:Obfuscated Files or Information attack:T1082:System Information Discovery

Malware reference

SprySOCKS Mandibule https://github.com/timb-machine/linux-malware/issues/170

Actor reference

Earth Lusca

Component

Linux

Scenario

No response