We’ve been monitoring a threat actor dubbed #EarthKrahang. This #APT group targets governments worldwide, using techniques like spear phishing and brute force attacks to infiltrate networks and conduct espionage.

#Cybersecurity #hacking
https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html?utm_source=trendmicroresearch&utm_medium=smk&utm_campaign=032024_EarthKrahang

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Trend Micro

In a rare Sunday posting, Check Point Research (CPR) reports on version 11 of DinodasRAT for Linux, dubbed Linodas, that is used by a Chinese cyberespionage threat actor group called Earth Krahang. DinodasRAT, also known as XDealer, was also observed previously in attacks by the Chinese threat actor LuoYu. CPR provides a technical analysis and origins on the Linodas backdoor. IOC listed. 🔗 https://research.checkpoint.com/2024/29676/

#threatintel #DinodasRAT #Linodas #IOC #EarthKrahang #LuoYu #China #cyberespionage

Malware Spotlight: Linodas aka DinodasRAT for Linux - Check Point Research

Introduction In recent months, Check Point Research (CPR) has been closely monitoring the activity of a Chinese-nexus cyber espionage threat actor who is focusing on Southeast Asia, Africa, and South America. This activity significantly aligns with the insights the Trend Micro researchers publicly shared in their comprehensive analysis of a threat actor called Earth Krahang. This […]

Check Point Research

Trend Micro reports on a new China-nexus cyberespionage group (dubbed Earth Krahang) that primarily targets Southeast Asia and then Europe, America, and Africa. It has multiple connections to another Chinese APT Earth Lusca (aka Aquatic Panda, Bronze University, Charcoal Typhoon, RedHotel) and potential links to i-SOON. Trend Micro was able to retrieve multiple files from Earth Krahang’s servers, including samples, configuration files, and log files from its attack tools. MITRE ATT&CK TTPs and IOC provided. 🔗 https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html

#EarthKrahang #cyberespionage #EarthLusca #AquaticPanda #CharcoalTyphoon #RedHotel #China #APT #IOC #threatintel #MITREATTACK
