The China-linked threat actor known as Earth Lusca has been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS.
Earth Lusca was first documented by Trend Micro in January 2022, detailing the adversary’s attacks against public and private sector entities across Asia, Australia, Europe, North America.
Active since 2021, the group has relied on