Read more about the latest research I did with my talented colleague @jaromirhorejsi! We exposed a previously unreported and new malware family we named KTLVdoor, used by Chinese-speaking threat actors including #EarthLusca! More than 50 C2s have been found to communicate with this #malware family!

https://www.trendmicro.com/en_us/research/24/i/earth-lusca-ktlvdoor.html

#cyberespionage #china

Earth Lusca Uses KTLVdoor Backdoor for Multiplatform Intrusion

Trend Micro

Trend Micro reports on a new China-nexus cyberespionage group (dubbed Earth Krahang) that primarily targets Southeast Asia and then Europe, America, and Africa. It has multiple connections to another Chinese APT Earth Lusca (aka Aquatic Panda, Bronze University, Charcoal Typhoon, RedHotel) and potential links to i-SOON. Trend Micro was able to retrieve multiple files from Earth Krahang’s servers, including samples, configuration files, and log files from its attack tools. MITRE ATT&CK TTPs and IOC provided. 🔗 https://www.trendmicro.com/en_us/research/24/c/earth-krahang.html

#EarthKrahang #cyberespionage #EarthLusca #AquaticPanda #CharcoalTyphoon #RedHotel #China #APT #IOC #threatintel #MITREATTACK

Earth Krahang Exploits Intergovernmental Trust to Launch Cross-Government Attacks

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Trend Micro

Very proud to release my latest research which exposes a Chinese-speaking threat actor to attacks on Taiwan before the national elections - https://www.trendmicro.com/en_us/research/24/b/earth-lusca-uses-geopolitical-lure-to-target-taiwan.html #APT #cyberespionage #isoon #i-soon #EarthLusca

Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections

During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets.

Trend Micro