Security researchers identified two undocumented Windows backdoors linked to Chinese espionage threat activity targeting government organizations in Asia and Central America.

Asia, Central America, Honduras, Taiwan, Thailand, Pakistan

Who

Eset, FishMonger, iSoon

What

When

Tue, 16 Jun 2026 09:26:58 GMT · 1h 30m ago

Where

Asia, Central America, Honduras, Taiwan, Thailand, Pakistan ·

Why

The newly discovered variants are an upgrade of SprySocks, a Linux backdoor tied to the Chinese threat actor tracked as FishMonger or Earth Lusca and hacking contractor iSoon, revealing expanded espionage.

The Frontline Impact

How this affects you

The discovery of new Windows variants of the SprySocks backdoor indicates an expansion of Chinese-linked espionage capabilities targeting government organizations globally and enhancing stealth through kernel-level rootkits. This advancement could lead to more sophisticated and harder-to-detect cyberattacks on critical infrastructure and sensitive data.

Story chain

4 events in this thread

Currently Reading1h 30m ago
Security researchers identified two undocumented Windows backdoors linked to Chinese espionage threat activity targeting government organizations in Asia and Central America.
Technology1h 30m ago
Security researchers spotted two undocumented Windows backdoors linked to Chinese espionage threat activity targeting government organizations in Asia and Central America between 2023 and 2024.
Open article
Technology1h 53m ago
ESET researchers uncovered two previously undocumented Windows variants of SprySOCKS, a backdoor previously known only as a Linux threat.
Open article
Technology1h 53m ago
ESET researchers uncovered two previously undocumented Windows variants of SprySOCKS, a backdoor linked to the China-aligned cyberespionage group FishMonger.
Open article

Verified Sources & Citations

Credibility ratings reflect the AI ingestion pipeline's assessment of source provenance.