China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

China-Linked SprySOCKS Backdoor Expands to Windows with Driver-Based Stealth

Notícia de segurança recolhida automaticamente.

Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linux-only backdoor called SprySOCKS.

"The Windows variants discovered are internally marked as WIN_DRV and WIN_PLUS," ESET said in a report shared with The Hacker News. "Both come with a hard-coded C&C [command-and-control] configuration and support communication over TCP, UDP,

Fonte original: Ler artigo completo aqui