"Earth Krahang Campaign Compromised Government Servers in 23 Countries"
"Earth Krahang," a previously unknown Advanced Persistent Threat (APT) group linked to China, compromised 70 organizations in 23 countries as part of a cyber espionage campaign. Most of the targeted organizations are government entities. According to Trend Micro researchers who discovered the campaign, the group targeted public-facing servers, exploited known vulnerabilities, and sent spear-phishing emails to deliver previously unknown backdoor malware. The campaign mainly focused on Southeast Asia but also targeted entities in America, Europe, and Africa. Earth Krahang exploits the trust between governments to carry out their attacks. The researchers discovered that the group often uses compromised government web servers to host their backdoors and distribute download links to other government entities through phishing emails. This article continues to discuss findings and observations regarding the two-year cyber espionage campaign by the China-linked group Earth Krahang.
SC Magazine reports "Earth Krahang Campaign Compromised Government Servers in 23 Countries"
Submitted by grigby1