[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"$fq_IfMv-TdShxeoOFk2k_JMaG5GJXjAbnE4ELY4C03M4":3},{"article":4,"iocs":38},{"id":5,"title":6,"slug":7,"summary":8,"ai_summary":9,"brief":10,"full_text":11,"url":12,"image_url":13,"published_at":14,"ingested_at":15,"relevance_score":16,"entities":17,"category_id":21,"category":22,"article_tags":25},"c508ca11-31d3-4559-9476-e24e9325ac23","SprySOCKS Windows Variant Abuses Kernel Drivers to Evade Detection","sprysocks-windows-variant-abuses-kernel-drivers-to-evade-detection-7ed50a","FishMonger, a China-nexus threat group, has deployed an undocumented version of the Linux backdoor against government targets in Honduras, Taiwan, Thailand, and Pakistan.","A new variant of the SprySOCKS malware has been identified, specifically targeting Windows systems by abusing kernel drivers to bypass security measures and evade detection. This sophisticated technique allows the malware to operate with elevated privileges and remain hidden from standard security tools. \nThe threat actor behind this campaign is believed to be FishMonger, a group with suspected ties to China, which has previously deployed a Linux version of the backdoor against government entities in multiple countries.","SprySOCKS malware variant uses kernel drivers to evade detection on Windows.",null,"https:\u002F\u002Fwww.darkreading.com\u002Fthreat-intelligence\u002Fsprysocks-windows-variant-kernel-drivers","https:\u002F\u002Feu-images.contentstack.com\u002Fv3\u002Fassets\u002Fblt6d90778a997de1cd\u002Fbltfe5e902d31634190\u002F6a317c8da9a64d0008e8660f\u002Fbackdoor-BeeBright-Getty-823310866.jpg?width=720&quality=80&disable=upscale","2026-06-16T20:11:48+00:00","2026-06-16T20:00:23.053094+00:00",8,[18],{"name":19,"type":20},"FishMonger","threat_actor","89f78b1c-3503-45a1-9fc7-e23d2ce1c6d5",{"id":21,"icon":11,"name":23,"slug":24},"Malware","malware",[26,31,33],{"category":27},{"id":28,"icon":11,"name":29,"slug":30},"6cbdd207-aaa1-4176-9534-e156b125e917","Nation-state","nation-state",{"category":32},{"id":21,"icon":11,"name":23,"slug":24},{"category":34},{"id":35,"icon":11,"name":36,"slug":37},"e7b231c8-5f79-4465-8d38-1ef13aea5a14","Threat Intelligence","threat-intelligence",[]]