Lucene search
K

9 matches found

Trend Micro Simply Security
Trend Micro Simply Security
added 2024/11/19 12:0 a.m.8 views

Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella

LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with significant updates to their strategy, tactics, and arsenals...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/07/31 11:1 a.m.65 views

Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

Japanese organizations are the target of a Chinese nation-state threat actor that leverages malware families like LODEINFO and NOOPDOOR to harvest sensitive information from compromised hosts while stealthily remaining under the radar in some cases for a time period ranging from two to three year...

9.8CVSS10AI score0.85689EPSS
Exploits10
The Hacker News
The Hacker News
added 2024/01/25 11:30 a.m.36 views

LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

Cybersecurity researchers have uncovered an updated version of a backdoor called LODEINFO that's distributed via spear-phishing attacks. The findings come from Japanese company ITOCHU Cyber & Intelligence, which said the malware "has been updated with new features, as well as changes to the...

8.1AI score
Exploits0
hivepro
hivepro
added 2022/12/19 9:22 a.m.19 views

China-based MirrorFace APT group targeting Japanese Political Entities

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary A Chinese-speaking APT group named MirrorFace has started its attacks by spearphishing campaign with LODEINFO backdoor, targeting Japanese political entities since June 29, 2022 and this campaign operatio...

1.3AI score
Exploits0
The Hacker News
The Hacker News
added 2022/12/15 1:58 p.m.44 views

Researchers Uncover MirrorFace Cyber Attacks Targeting Japanese Political Entities

A Chinese-speaking advanced persistent threat APT actor codenamed MirrorFace has been attributed to a spear-phishing campaign targeting Japanese political establishments. The activity, dubbed Operation LiberalFace by ESET, specifically focused on members of an unnamed political party in the natio...

0.6AI score
Exploits0
hivepro
hivepro
added 2022/11/02 12:9 p.m.37 views

APT10 distributes LODEINFO malware to deploy infection chains

Threat Level Actor Report For a detailed threat advisory, download the pdf file here Summary The APT 10 cyber espionage gang has been spotted adopting a new stealthy infection chain to deploy the LODEINFO backdoor shellcode to exfiltrate sensitive information to Command and Control C2...

2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/11/01 3:15 p.m.31 views

Chinese Hackers Using New Stealthy Infection Chain to Deploy LODEINFO Malware

The Chinese state-sponsored threat actor known as Stone Panda has been observed employing a new stealthy infection chain in its attacks aimed at Japanese entities. Targets include media, diplomatic, governmental and public sector organizations, and think-tanks in Japan, according to twin reports...

7.5AI score
Exploits0
Securelist
Securelist
added 2022/10/31 8:0 a.m.43 views

APT10: Tracking down LODEINFO 2022, part II

In the previous publication Tracking down LODEINFO 2022, part I, we mentioned that the initial infection methods vary in different attack scenarios and that the LODEINFO shellcode was regularly updated for use with each infection vector. In this article, we discuss improvements made to the LODEIN...

0.4AI score
Exploits0
Securelist
Securelist
added 2022/10/31 8:0 a.m.25 views

APT10: Tracking down LODEINFO 2022, part I

Kaspersky has been tracking activities involving the LODEINFO malware family since 2019, looking for new modifications and thoroughly investigating any attacks utilizing those new variants. LODEINFO is sophisticated fileless malware first named in a blogpost from JPCERT/CC in February 2020. The...

7AI score
Exploits0
Rows per page
Query Builder