The China-linked threat actor known asEarth Luscahas been observed targeting government entities using a never-before-seen Linux backdoor called SprySOCKS. Earth Lusca wasfirst documentedby Trend Micro in January 2022, detailing the adversary’s attacks against public and private sector entities across Asia, Australia, Europe, North America. Active since 2021, the group has relied on