Friday, July 10, 2026
  • About Web3Wire
  • Web3Wire NFTs
  • .w3w TLD
  • $W3W Token
  • Web3Wire DAO
  • Media Network
  • RSS Feed
  • Contact Us
Web3Wire
No Result
View All Result
  • Home
  • Web3
    • Latest
    • AI
    • Business
    • Blockchain
    • Cryptocurrencies
    • Decentralized Finance
    • Metaverse
    • Non-Fungible Token
    • Press Release
  • Technology
    • Consumer Tech
    • Digital Fashion
    • Editor’s Choice
    • Guides
    • Stories
  • Coins
    • Top 10 Coins
    • Top 50 Coins
    • Top 100 Coins
    • All Coins
  • Exchanges
    • Top 10 Crypto Exchanges
    • Top 50 Crypto Exchanges
    • Top 100 Crypto Exchanges
    • All Crypto Exchanges
  • Stocks
    • Blockchain Stocks
    • NFT Stocks
    • Metaverse Stocks
    • Artificial Intelligence Stocks
  • Events
  • News
    • Latest Crypto News
    • Latest DeFi News
    • Latest Web3 News
  • Home
  • Web3
    • Latest
    • AI
    • Business
    • Blockchain
    • Cryptocurrencies
    • Decentralized Finance
    • Metaverse
    • Non-Fungible Token
    • Press Release
  • Technology
    • Consumer Tech
    • Digital Fashion
    • Editor’s Choice
    • Guides
    • Stories
  • Coins
    • Top 10 Coins
    • Top 50 Coins
    • Top 100 Coins
    • All Coins
  • Exchanges
    • Top 10 Crypto Exchanges
    • Top 50 Crypto Exchanges
    • Top 100 Crypto Exchanges
    • All Crypto Exchanges
  • Stocks
    • Blockchain Stocks
    • NFT Stocks
    • Metaverse Stocks
    • Artificial Intelligence Stocks
  • Events
  • News
    • Latest Crypto News
    • Latest DeFi News
    • Latest Web3 News
No Result
View All Result
Web3Wire
No Result
View All Result
Home Artificial Intelligence

ESET Research: China-aligned FishMonger updates its arsenal, targets governments in Asia and Latin America

June 16, 2026
in Artificial Intelligence, GlobeNewswire, Web3
Reading Time: 5 mins read
5
SHARES
254
VIEWS
Share on TwitterShare on LinkedInShare on Facebook
  • ESET Research discovered two previously undocumented Windows variants of FishMonger’s SprySOCKS backdoor.
  • ESET telemetry shows activity between 2023 and 2024, primarily targeting government organizations in Honduras, Taiwan, Thailand, and Pakistan.
  • Both Windows variants support communication over TCP, UDP, and WebSocket protocols and implement over 30 commands.
  • The Windows WIN_DRV variant creates a stealthy passive TCP backdoor, relying on a kernel driver to redirect traffic to the backdoor’s hidden TCP port whenever specially crafted data is detected inside a received TCP packet.

BRATISLAVA, June 16, 2026 (GLOBE NEWSWIRE) — ESET researchers have discovered two as-yet undocumented Windows variants (WIN_DRV and WIN_PLUS) of SprySOCKS, a previously Linux-only backdoor reportedly used by FishMonger, the group believed to be operated by a Chinese contractor named I-SOON. While ESET initially discovered the malware samples on VirusTotal uploaded in April 2024, ESET telemetry shows real activity between 2023 and 2024, with several victims in Honduras, Taiwan, Thailand, and Pakistan, targeting mostly government organizations.

The WIN_DRV variant includes support for over 30 Command and Control (C&C) commands, covering various functionalities, including system information collection and process enumeration as well as service management and file management functions, such as listing, creating, deleting, and transferring files.

In addition to the core backdoor functionality, FishMonger’s backdoor weaponizes a kernel driver for advanced stealth. SprySOCKS utilizes this driver to hide the malware’s network connections, processes, files, and registry keys and enables TCP traffic diversion, allowing the malware operators to send commands to the backdoor through a random TCP port on the victim’s device without exposing the backdoor’s real listening port in the network traffic.

“The Windows version retains most of the core architecture of its Linux predecessor — including the C&C protocol, encryption used, and overall command handling logic — while substituting Windows-native mechanisms where required and improving the stealthiness of the backdoor by bringing the kernel drivers to the game. Considering the limited indications of possible UEFI bootkit involvement, we advise everyone to keep a close eye on the group’s activities,” says ESET researcher Martin Smolár, who discovered and analyzed FishMonger’s latest arsenal.

Based on ESET telemetry, there are limited indications that some SprySOCKS attack scenarios could involve a UEFI bootkit component, possibly exploiting CVE 2023 24932.

FishMonger — believed to be operated by a Chinese contractor named I-SOON — is a cyberespionage group that falls under the Winnti Group umbrella and is most likely operating out of China, from the city of Chengdu. It is also known as Earth Lusca, TAG-22, Aquatic Panda, or Red Dev 10. ESET Research published an analysis of FishMonger in early 2020 when it heavily targeted universities in Hong Kong during the civic protests that started in June 2019. The group is also known to operate watering-hole attacks. FishMonger’s toolset includes ShadowPad, Spyder, Cobalt Strike, FunnySwitch, SprySOCKS, and the BIOPASS RAT.

For a more detailed analysis about FishMonger’s latest arsenal, check out the ESET Research blog post “Fishmonger’s arsenal upgraded: SprySOCKS for Windows” on WeLiveSecurity.com. Make sure to follow ESET Research on Twitter (today known as X), BlueSky, and Mastodon for the latest news from ESET Research.

About ESET

ESET® provides cutting-edge cybersecurity to prevent attacks before they happen. By combining the power of AI and human expertise, ESET stays ahead of emerging global cyberthreats, both known and unknown— securing businesses, critical infrastructure, and individuals. Whether it’s endpoint, cloud, or mobile protection, our AI-native, cloud-first solutions and services remain highly effective and easy to use. ESET technology includes robust detection and response, ultra-secure encryption, and multifactor authentication. With 24/7 real-time defense and strong local support, we keep users safe and businesses running without interruption. The ever-evolving digital landscape demands a progressive approach to security: ESET is committed to world-class research and powerful threat intelligence, backed by R&D centers and a strong global partner network. For more information, visit http://www.eset.com or follow our social media, podcasts and blogs.

About Web3Wire
Web3Wire – Information, news, press releases, events and research articles about Web3, Metaverse, Blockchain, Artificial Intelligence, Cryptocurrencies, Decentralized Finance, NFTs and Gaming.
Visit Web3Wire for Web3 News and Events, Block3Wire for the latest Blockchain news and Meta3Wire to stay updated with Metaverse News.

ShareTweet1ShareSendShare2
Previous Post

74Software: Disclosure of transactions in own shares from June 8 to 12, 2026

Next Post

AI-Driven Revenue Optimisation Delivers Nearly $600 Million in Additional Profit for Travel Companies, Mize Data Reveals

Related Posts

Cineplex Reports Impressive June Results with 11% Q2 Box Office Growth and Record Q2 Concession Revenue

TORONTO, July 09, 2026 (GLOBE NEWSWIRE) -- (TSX: CGX) – Ci eplex, Ca ada’s leadi g e te tai me t a d media compa y, epo ted st o g Ju e 2026 esults, with combi ed box office a d theat e food se vice eve ues (“co cessio...

Read moreDetails

SalesHood Expands Agentic Revenue Enablement Platform with Native Support for 19 Languages

Sa F a cisco, July 09, 2026 (GLOBE NEWSWIRE) -- SalesHood, the leadi g Age tic Reve ue E ableme t Platfo m, today a ou ced ative suppo t fo 19 la guages, e abli g global e te p ises to delive AI-powe ed coachi g, t ai...

Read moreDetails

AppFolio, Inc. Announces Date of Second Quarter 2026 Financial Results Conference Call

SANTA BARBARA, Calif., July 09, 2026 (GLOBE NEWSWIRE) -- AppFolio, I c. (NASDAQ: APPF) today a ou ced that it will epo t its seco d qua te 2026 fi a cial esults afte the close of the U.S. fi a cial ma kets o Thu sday, July 23, 2026....

Read moreDetails

Crane NXT Announces Dates for Second Quarter 2026 Earnings Release and Earnings Call

WALTHAM, Mass., July 09, 2026 (GLOBE NEWSWIRE) -- C a e NXT, Co. (NYSE: CXT), a global leade i authe ticatio a d t aceability tech ologies, today a ou ced its schedule fo the compa y’s seco d qua te 2026 esults. Ea i gs Release: Wed esday, August...

Read moreDetails

Varonis Announces Date of Second Quarter 2026 Financial Results

MIAMI, July 09, 2026 (GLOBE NEWSWIRE) -- Va o is Systems, I c. (Nasdaq: VRNS), the data a d AI secu ity leade , a ou ced that it will epo t its seco d qua te 2026 fi a cial esults followi g the close of the U.S. fi...

Read moreDetails

SiTime Corporation to Announce Second Quarter 2026 Financial Results on August 5, 2026

SANTA CLARA, Calif., July 09, 2026 (GLOBE NEWSWIRE) -- SiTime Co po atio (Nasdaq: SITM), the P ecisio Timi g compa y, will a ou ce its seco d qua te 2026 fi a cial esults o Wed esday, August 5, 2026, afte ma ket close. Rajesh Vashist, chief executive...

Read moreDetails

MKS Named by Time as One of America’s Best Companies for 2026

ANDOVER, Mass., July 09, 2026 (GLOBE NEWSWIRE) -- MKS I c. (NASDAQ: MKSI), a global p ovide of e abli g tech ologies that t a sfo m ou wo ld, was ecog ized today as o e of Ame ica’s Best Compa ies fo 2026 by Time a d Statista,...

Read moreDetails

Senteon Expands Automated Endpoint Hardening to Microsoft Office

Peacht ee Co e s, GA, July 09, 2026 (GLOBE NEWSWIRE) -- Se teo , the leade i automated e dpoi t ha de i g a d co figu atio d ift p eve tio , a ou ces the expa sio of its platfo m with P oductivity...

Read moreDetails

ORIZON Expands OriZone Into a Growing AI-Native Web3 Ecosystem

Nai obi, Ke ya, July 09, 2026 (GLOBE NEWSWIRE) -- New ecosystem visio combi es P otocol-Ow ed Liquidity, AI-powe ed utilities, a d futu e payme t a d t adi g i f ast uctu e u de a u ified Web3 expe ie ce.ORIZON today a ou ced...

Read moreDetails

DIGITAL backs $19.9M in Canadian mining innovation to unlock critical minerals and restore lands faster

VANCOUVER, B itish Columbia a d SUDBURY, O ta io, July 09, 2026 (GLOBE NEWSWIRE) -- Ca ada has the c itical mi e als eeded fo elect ic vehicles, clea e e gy, defe ce systems, a d digital i f ast uctu e, but ma y deposits emai...

Read moreDetails
Web3Wire NFTs - The Web3 Collective

Web3Wire, $W3W Token and .w3w tld Whitepaper

Web3Wire, $W3W Token and .w3w tld Whitepaper

Claim your space in Web3 with .w3w Domain!

Web3Wire

Trending on Web3Wire

  • Top Cross-Chain DeFi Solutions to Watch by 2025

    166 shares
    Share 66 Tweet 42
  • Top Layer 1 Crypto Projects to Watch in 2025

    26 shares
    Share 10 Tweet 7
  • DEEP Robotics Showcases Core Technologies & Real-World Applications of Embodied Intelligence Robots at WAIC 2025

    12 shares
    Share 5 Tweet 3
  • Understanding Soulbound Tokens SBT Their Definition and Significance

    71 shares
    Share 28 Tweet 18
  • Unifying Blockchain Ecosystems: 2024 Guide to Cross-Chain Interoperability

    176 shares
    Share 70 Tweet 44
Join our Web3Wire Community!

Our newsletters are only twice a month, reaching around 10000+ Blockchain Companies, 800 Web3 VCs, 600 Blockchain Journalists and Media Houses.


* We wont pass your details on to anyone else and we hate spam as much as you do. By clicking the signup button you agree to our Terms of Use and Privacy Policy.

Web3Wire Podcasts

Upcoming Events

There are currently no events.

Latest on Web3Wire

  • How 100% Bonus Depreciation Is Reshaping the NNN Landscape
  • Foundation Software Helps Contractors Prepare for a Construction Accounting Software Demo
  • Payroll4Construction Highlights How hrHQ Extends HR Support for Construction Payroll Users
  • Americas Cardroom Unveils $1 Million Tournament With Just a $66 Buy-In
  • Cineplex Reports Impressive June Results with 11% Q2 Box Office Growth and Record Q2 Concession Revenue

RSS Latest on Block3Wire

  • The Algorithmic Monographs: A Five-Volume Civil Code for the Age of Autonomous Intelligence
  • Ali Sadhik Shaik: Practitioner, Scholar, and Author – Focused on the Governance of Intelligent Systems
  • The Klyrox Protocol: A Decentralized Framework to Close the AI Accountability Gap
  • Covo Finance: Revolutionary Crypto Leverage Trading Platform
  • WorldStrides and HEX Announce Partnership to Offer High School and University Students Innovative Courses Designed to Improve Their Outlook in the Digital Age

RSS Latest on Meta3Wire

  • The Algorithmic Monographs: A Five-Volume Civil Code for the Age of Autonomous Intelligence
  • Ali Sadhik Shaik: Practitioner, Scholar, and Author – Focused on the Governance of Intelligent Systems
  • The Klyrox Protocol: A Decentralized Framework to Close the AI Accountability Gap
  • Thumbtack Honored as a 2023 Transform Awards Winner
  • Accenture Invests in Looking Glass to Accelerate Shift from 2D to 3D
Web3Wire

Web3Wire is your go-to source for the latest insights and updates in Web3, Metaverse, Blockchain, AI, Cryptocurrencies, DeFi, NFTs, and Gaming. We provide comprehensive coverage through news, press releases, event updates, and research articles, keeping you informed about the rapidly evolving digital world.

  • About Web3Wire
  • Founder’s Note
  • Web3Wire NFTs – The Web3 Collective
  • .w3w TLD
  • $W3W Token
  • Web3Wire DAO
  • Event Partners
  • Community Partners
  • Our Media Network
  • Media Kit
  • RSS Feeds
  • Contact Us

Crypto Coins

  • Top 10 Coins
  • Top 50 Coins
  • Top 100 Coins
  • All Coins – Marketcap
  • Crypto Coins Heatmap

Crypto Exchanges

  • Top 10 Exchanges
  • Top 50 Exchanges
  • Top 100 Exchanges
  • All Crypto Exchanges

Crypto Stocks

  • Blockchain Stocks
  • NFT Stocks
  • Metaverse Stocks
  • Artificial Intelligence Stocks

Web3Wire Whitepaper | Tokenomics

Web3 Resources

  • Top Web3 and Crypto Youtube Channels
  • Latest Crypto News
  • Latest DeFi News
  • Latest Web3 News

Blockchain Resources

  • Blockchain and Web3 Resources
  • Decentralized Finance (DeFi) – Research Reports
  • All Crypto Whitepapers

Metaverse Resources

  • AR VR and Metaverse Resources
  • Metaverse Courses
Claim your space in Web3 with .w3w!

The Klyrox Protocol | The Algorithmic Monographs

Top 50 Web3 Blogs and Websites
Web3Wire Podcast on Spotify Web3Wire Podcast on Amazon Music 
Web3Wire - Web3 and Blockchain - News, Events and Press Releases | Product Hunt
Web3Wire on Google News

Media Portfolio: Block3Wire | Meta3Wire

  • Privacy Policy
  • Terms of Use
  • Disclaimer
  • Sitemap
  • For Search Engines
  • Crypto Sitemap
  • Exchanges Sitemap

© 2024 Web3Wire. We strongly recommend our readers to DYOR, before investing in any cryptocurrencies, blockchain projects, or ICOs, particularly those that guarantee profits.

Welcome Back!

Login to your account below

Forgotten Password?

Retrieve your password

Please enter your username or email address to reset your password.

Log In

Add New Playlist

No Result
View All Result
  • Coins
    • Top 10 Cryptocurrencies
    • Top 50 Cryptocurrencies
    • Top 100 Cryptocurrencies
    • All Coins
  • Exchanges
    • Top 10 Cryptocurrency Exchanges
    • Top 50 Cryptocurrency Exchanges
    • Top 100 Cryptocurrency Exchanges
    • All Crypto Exchanges
  • Stocks
    • Blockchain Stocks
    • NFT Stocks
    • Metaverse Stocks
    • Artificial Intelligence Stocks

© 2024 Web3Wire. We strongly recommend our readers to DYOR, before investing in any cryptocurrencies, blockchain projects, or ICOs, particularly those that guarantee profits.

This website uses cookies. By continuing to use this website you are giving consent to cookies being used. Visit our Privacy and Cookie Policy.