Decrypt LOL

Earth Lusca Employs KTLVdoor Malware for Multiplatform Attacks

🦑 New KTLVdoor Malware Discovered Linked to Chinese Threat Actor Earth Lusca. Researchers have identified KTLVdoor, a sophisticated multiplatform backdoor written in Golang, utilized by the Chinese-speaking threat group Earth Lusca in a large-scale attack campaign. This malware, which targets both Windows and Linux systems, is highly obfuscated and disguises itself as legitimate system utilities, enabling attackers to execute commands, manipulate files, and conduct remote port scans. The campaign is notable for its extensive infrastructure, with over 50 command-and-control servers hosted by a China-based company, although it remains uncertain if this infrastructure is exclusive to Earth Lusca or shared with other groups. Organizations are advised to implement robust security measures to defend against such advanced threats.
