ChinaLinked SprySOCKS Backdoor Expands to Windows with DriverBased Stealth
Cybersecurity researchers have flagged two previously undocumented Windows variants of what was believed to be a Linuxonly backdoor called SprySOCKS The Windows variants discovered are internally marked as WINDRV and WINPLUS ESET said in a report shared with The Hacker News Both come with a hardcoded CC commandandcontrol configuration and support communication over TCP UDP