China Chinese Cybersecurity Distribution Entertainment Espionage European Google Hacker Hong Kong India Internet Malaysia Malware media intelligence Microsoft Myanmar NATO News Media Pakistan Search Engine Semiconductor spy Taiwan Technology
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO. Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to be active since at least December 2024, while sharing some level of network overlap with CL-STA-0049, Earth Alux, and REF7707. “The group exploits N-day vulnerabilities in internet-facing Microsoft Exchange and Internet Information Services (IIS) servers (e.g., ProxyLogon chain), then deploys web shells (Godzilla) for persistent access…
News Timeline:
Track the development of this news story across the Internet.