Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs
A previously unidentified Chinese espionage group has managed to breach at least 70 organizations across 23 countries, including 48 in the government space, despite using rather standard-fare tactics, techniques, and procedures (TTPs).
"Earth Krahang" doesn't seem to be a high-level military APT. In a new report, researchers from Trend Micro suggested that it may be one wing of iSoon, a private hack-for-hire operation contracted by the Chinese Communist Party (CCP). And fitting such a cybercrime operation, rather than employing ultra-sophisticated malware and stealth tactics, it uses an arsenal of largely open source and well-documented tools, plus one-day vulnerabilities and standard social engineering, to defeat its targets. Despite this, its list of victims rivals that of the likes of Volt Typhoon, BlackTech, and Mustang Panda.