"New Backdoor Linked to Earth Lusca Threat Group"

Researchers have discovered a new Go language-based backdoor called "KTLVdoor" that targets Windows and Linux systems and is linked to the Chinese-speaking threat actor named "Earth Lusca." Earth Lusca has been active since at least April 2019, targeting organizations in different industries worldwide. The group has used KTLVdoor to run commands, manipulate files, scan remote ports, and more. This article continues to discuss findings regarding KTLVdoor and its link to the Earth Lusca group.

Decipher reports "New Backdoor Linked to Earth Lusca Threat Group"

Submitted by grigby1