This hole, called SprySOCKS, is a modification of the Trochilus malware already known for Windows.
It was first detected in 2015 and has been associated with the Chinese group APT10, also known as Stone Panda and MenuPass.
SprySOCKS not only copies the features of Trochilus, but also adds new features. It can collect information about the system, remotely control the infected computer, list network connections and create proxies based on the SOCKS protocol.
The latter is needed to transfer files and other data between a compromised system and a server controlled by attackers.
This backdoor poses a serious threat as it is difficult to detect and can be used for various purposes such as espionage and financial fraud.
Additionally, Trend Micro researchers state that SprySOCKS is under active development, indicating its potential danger in the future.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
