China-Linked Cyber Attacks Raise Alarm for Asian Governments and NATO Allies
Security

China-Linked Cyber Attacks Raise Alarm for Asian Governments and NATO Allies

A new espionage campaign, SHADOW-EARTH-053, has targeted government sectors in South, East, and Southeast Asia, including NATO member Poland, exploiting Microsoft vulnerabilities.

Editorial
Editorial Staff
2 hours ago 1 min read
NeboAI I summarize the news with data, figures and context
IN 30 SECONDS

35 sec read time You saved ~1 min
IN 1 SENTENCE

SENTIMENT
Neutral

𒀭
NeboAI is working, please wait...
Preparing detailed analysis
Quick summary completed
Extracting data, figures and quotes...
Identifying key players and context
DETAILED ANALYSIS
SHARE
Was this helpful?

NeboAI produces automated editions of journalistic texts in the form of summaries and analyses. Its experimental results are based on artificial intelligence. As an AI edition, texts may occasionally contain errors, omissions, incorrect data relationships and other unforeseen inaccuracies. We recommend verifying the content.

© NeboAI 2025 About Nebo

A new espionage campaign linked to a China-aligned group has been identified, targeting various government and defense entities across Asia and one NATO member in Europe. Trend Micro has labeled this activity as part of the threat cluster known as SHADOW-EARTH-053, which has been operational since at least December 2024.

The campaign primarily impacts nations including Pakistan, Thailand, Malaysia, India, Myanmar, Sri Lanka, and Taiwan, with Poland being the only European target. Researchers have noted that nearly half of the victims also faced prior attacks from a related group, SHADOW-EARTH-054, although no direct coordination between the two has been established.

Exploitation of known vulnerabilities in Microsoft Exchange and Internet Information Services servers allows the group to install web shells, such as Godzilla, for sustained access. This leads to the deployment of additional malware, including the ShadowPad backdoor via DLL sideloading. Tools like Mimikatz are employed for privilege escalation, while lateral movement utilizes a custom RDP launcher and Sharp-SMBExe.

Tags: shadow-earth-053 china espionage cybersecurity southeast asia microsoft exchange shadowpad
Want to read the full article? Access the original article with all the details.
Read Original Article
TL;DR

This article is an original summary for informational purposes. Image credits and full coverage at the original source. · View Content Policy

Editorial
Editorial Staff

Our editorial team works around the clock to bring you the latest tech news, trends, and insights from the industry. We cover everything from artificial intelligence breakthroughs to startup funding rounds, gadget launches, and cybersecurity threats. Our mission is to keep you informed with accurate, timely, and relevant technology coverage.

7426 articles →

Related Articles

Small Business Owners Warned: Cybersecurity Threats Can Destroy Years of Hard Work

Teen's journey from gaming to hacking sparks concern over cybersecurity in schools

Rising mobile threats challenge Apple users: Key insights for 2023 security strategies

Cyberattack exploits rogue signals, jeopardizing trust in public Wi-Fi networks.

Incogni simplifies digital spring cleaning, enhancing your online privacy today

Streamer Review Raises Concerns Over Security Breaches in Gaming Platforms

Banks brace for AI-driven cyber threats as Anthropic's Mythos uncovers major vulnerabilities

Roblox users face security threats as hackers compromise over 610,000 accounts

Kirsten Storms' Restraining Order Sparks Police Probe into Phone-Hacking Allegations
Press Enter to search or ESC to close