Earth Tengshe

Threat Actor updated 23 days ago (2024-11-29T14:53:06.038Z)
Download STIX
Preview STIX
Earth Tengshe, also known as Bronze Riverside, is a threat actor believed to be associated with APT10, a notorious cyber espionage group. This entity has been involved in several malicious campaigns, including the "A41APT Campaign" and the "LODEINFO Campaign #1", suggesting a continuous pattern of activity aimed at compromising various industries. Earth Tengshe's methods involve the use of custom malware such as SigLoader, SodaMaster, P8RAT, FYAnti, and Jackpot, differing from those used by another subgroup, Earth Kasha, in the LODEINFO Campaign #2. In late 2021, Earth Tengshe targeted overseas subsidiaries and suppliers of Japanese manufacturing, engineering, electronics, automotive, energy, and technology companies, ostensibly to gain access to parent companies in Japan. This indicates a strategic focus on high-value targets that could provide valuable industrial and technological information. Both Earth Tengshe and Earth Kasha have shown a tendency to target public-facing applications, aiming to exfiltrate data and information within networks. This tactic is common among threat actors pursuing espionage or extortion objectives. APT10, the umbrella group to which Earth Tengshe and Earth Kasha belong, is characterized by its use of custom malware for espionage-related exploits across a wide range of regions. The possible shared operator resources or tactics, techniques, and procedures (TTPs) between Earth Tengshe and Earth Kasha suggest a coordinated approach towards their malicious activities. It is crucial to understand these patterns and similarities to develop effective countermeasures against such persistent threats.
Description last updated: 2024-11-21T10:29:11.874Z
What's your take? (Question 1 of 0)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Associated Threat Actors
To see the evidence that has resulted in these threatActor associations, create a free account
Alias DescriptionAssociation TypeVotes
The APT10 Threat Actor is associated with Earth Tengshe. APT10, also known as Menupass, is a sophisticated threat actor believed to operate on behalf of the Chinese Ministry of State Security (MSS). This group has been associated with numerous cyber espionage campaigns targeting various sectors globally. Recent analysis suggests a link between APT10 and oUnspecified
2
Source Document References
Information about the Earth Tengshe Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more