Earth Krahang

Threat Actor updated 2 months ago (2024-07-14T23:18:25.279Z)
Download STIX
Preview STIX
Earth Krahang is a threat actor, a term used in cybersecurity to describe an entity responsible for malicious activities. This could be an individual, a private company, or even a government organization. In the world of cybersecurity, unique names are often given to these actors to differentiate their activities and modus operandi. Earth Krahang has recently come into focus due to its significant and concerning activities. The Advanced Persistent Threat (APT) group known as Earth Krahang has been implicated in a series of cyber breaches impacting government organizations globally. The scale of these breaches is substantial, with tens of government bodies affected worldwide. The information regarding these attacks has been widely reported on various cybersecurity platforms, including Security Affairs, highlighting the severity and global reach of Earth Krahang's activities. These breaches have raised serious concerns about global cybersecurity infrastructure, particularly within government organizations. Earth Krahang's ability to compromise such a wide range of entities underscores the sophistication of their tactics and the potential damage they can cause. As a result, there is a pressing need for heightened security measures and increased vigilance to counteract these threats and protect sensitive information from being exploited by such threat actors.
Description last updated: 2024-07-14T22:25:22.575Z
What's your take? (Question 1 of 5)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Possible Aliases / Cluster overlaps
It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at.
IDVotesProfile Description
Earth Lusca
3
Earth Lusca, a threat actor identified as being Chinese-speaking, has been active since at least the first half of 2023. The group primarily targets organizations in Southeast Asia, Central Asia, and the Balkans. Recently, it has expanded its arsenal with SprySOCKS Linux malware, a new addition that
ISOON
2
iSoon, also known as Shanghai Anxun Information Technology, is a Chinese InfoSec vendor headquartered in Shanghai. The company was at the center of a significant data leak which exposed its connections to various Chinese Advanced Persistent Threat (APT) groups, supporting the "quartermaster" theory
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apt
Backdoor
Government
Vpn
ISOON
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Malware
To see the evidence that has resulted in these malware associations, create a free account
IDTypeVotesProfile Description
DinodasratUnspecified
3
DinodasRAT is a malicious software that has been causing significant security concerns worldwide. This malware, which targets both Windows and Linux operating systems, is designed to infiltrate your system and perform harmful activities such as stealing personal information, disrupting operations, o
Source Document References
Information about the Earth Krahang Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more
PreviewSource LinkCreatedAtTitle
Securityaffairs
a month ago
SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 6
Securityaffairs
a month ago
security-affairs-malware-newsletter-round-5
Securityaffairs
2 months ago
Security Affairs Malware Newsletter - Round 3
Securityaffairs
2 months ago
Security Affairs Malware Newsletter - Round 3
Securityaffairs
2 months ago
Security Affairs Malware Newsletter - Round 2
Securityaffairs
2 months ago
Security Affairs Malware Newsletter - Round 1
Securityaffairs
2 months ago
Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
3 months ago
Security Affairs newsletter Round 477 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
3 months ago
Security Affairs newsletter Round 476 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
4 months ago
Security Affairs newsletter Round 473 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
4 months ago
Security Affairs newsletter Round 470 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
5 months ago
Security Affairs newsletter Round 469 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
5 months ago
Security Affairs newsletter Round 467 by Pierluigi Paganini – INTERNATIONAL EDITION
Securityaffairs
5 months ago
Security Affairs newsletter Round 466 by Pierluigi Paganini
BankInfoSecurity
5 months ago
DinodasRAT Backdoor Targeting Linux Machines Worldwide
Securityaffairs
5 months ago
Security Affairs newsletter Round 465 by Pierluigi Paganini
Checkpoint
5 months ago
Malware Spotlight: Linodas aka DinodasRAT for Linux - Check Point Research
Securityaffairs
5 months ago
DinodasRAT Linux variant targets users worldwide
Checkpoint
6 months ago
25th March – Threat Intelligence Report - Check Point Research
Securityaffairs
6 months ago
Security Affairs newsletter Round 464 by Pierluigi Paganini