Spot the Difference: Earth Kasha’s New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

November 19, 2024 at 03:59AM
The blog analyzes Earth Kasha’s LODEINFO malware campaign targeting Japan, Taiwan, and India from 2023-2024. It highlights updated tactics, techniques, and procedures (TTPs), including exploiting vulnerabilities in public-facing applications, credential theft, and the use of various backdoors like LODEINFO and NOOPDOOR. The report draws connections with APT10 umbrella activities. …

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

January 25, 2024 at 11:38AM
Cybersecurity researchers uncovered an updated version of the backdoor malware LODEINFO distributed through spear-phishing attacks. Its capabilities include executing shellcode, taking screenshots, and exfiltrating files to an actor-controlled server. The Chinese nation-state actor Stone Panda is behind the backdoor, with attacks targeting Japan since 2021. Notable changes in the latest …