#APT10

Guess Who’s Back – The Return of ANEL in the Recent Earth Kasha Spear-phishing Campaign in 2024

by

November 26, 2024 at 03:32AM Trend Micro reports a new spear-phishing campaign by Earth Kasha targeting Japan, using tactics involving the backdoor ANEL and the malware NOOPDOOR. This operation shifts focus from enterprises to individuals in sensitive sectors. The campaign employs sophisticated infection vectors and evasion techniques, necessitating ongoing vigilance and threat intelligence monitoring. ### … Read more

Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

by

November 19, 2024 at 03:59AM The blog analyzes Earth Kasha’s LODEINFO malware campaign targeting Japan, Taiwan, and India from 2023-2024. It highlights updated tactics, techniques, and procedures (TTPs), including exploiting vulnerabilities in public-facing applications, credential theft, and the use of various backdoors like LODEINFO and NOOPDOOR. The report draws connections with APT10 umbrella activities. ### … Read more

China-Aligned MirrorFace Hackers Target EU Diplomats with World Expo 2025 Bait

by

November 7, 2024 at 06:21AM The China-aligned hacking group MirrorFace has targeted a European Union diplomatic organization using a phishing lure related to the upcoming 2025 World Expo in Japan. This marks their first attack in the EU, continuing a trend of targeting Japan and expanding into Taiwan and India since 2023. ### Meeting Takeaways … Read more

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

by

July 31, 2024 at 07:27AM Japanese organizations are targeted by a Chinese nation-state threat actor using malware like LODEINFO and NOOPDOOR to steal sensitive data, with Israeli cybersecurity company Cybereason tracking the campaign as Cuckoo Spear, related to APT10. The group uses spear-phishing emails and targets public-facing applications for data exfiltration, maintaining persistence for years. … Read more