#KTLVdoor

New Cross-Platform Malware KTLVdoor Discovered in Attack on Chinese Trading Firm

by

September 5, 2024 at 02:15AM Earth Lusca, a Chinese-speaking threat actor, has been observed deploying a new backdoor named KTLVdoor in a cyber attack targeting an unnamed trading company in China. The malware is written in Golang and masquerades as system utilities, with over 50 command-and-control servers identified. Its use by other Chinese threat actors … Read more

Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion

by

September 4, 2024 at 03:51AM Summary: The Chinese-speaking threat actor Earth Lusca has been found using a new multiplatform backdoor named KTLVdoor, which is highly obfuscated and has both Windows and Linux versions. The malware allows attackers to carry out various tasks and features sophisticated encryption and obfuscation techniques. The attack campaign involves significant infrastructure … Read more