Windows SprySOCKS malware targets govt orgs in 4 countries

ESET discovered Windows variants of SprySOCKS Linux malware used between 2023 and 2024 against government organizations in Taiwan, Thailand, Pakistan, and Honduras. The variants, WIN_DRV and WIN_PLUS, add kernel-level stealth capabilities. ESET attributes the activity with high confidence to the Earth Lusca threat actor.