top of page
Search

Earth Preta Spear-Phishing Governments Worldwide

Trendmicro has been monitoring a wave of spear-phishing attacks targeting the government, academic, foundations, and research sectors around the world. Based on the lure documents we observed in the wild, this is a large-scale cyberespionage campaign that began around March. After months of tracking, the seemingly wide outbreak of targeted attacks includes but not limited to Myanmar, Australia, the Philippines, Japan and Taiwan.



ADVERSARY: Earth Preta


INDUSTRY: Government


TARGETED COUNTRIES: Taiwan, Japan, Philippines, Australia, Myanmar


MALWARE FAMILIES: TONEINS, PUBLOAD, TONESHELL


ATT&CK IDS: T1583 - Acquire Infrastructure, T1587 - Develop Capabilities, T1585 - Establish Accounts, T1588 - Obtain Capabilities, T1608 - Stage Capabilities, T1192 - Spearphishing Link, T1204 - User Execution, T1547 - Boot or Logon Autostart Execution, T1574 - Hijack Execution Flow, T1053 - Scheduled Task/Job, T1140 - Deobfuscate/Decode Files or Information, T1036 - Masquerading, T1071 - Application Layer Protocol, T1573 - Encrypted Channel, T1104 - Multi-Stage Channels, T1095 - Non-Application Layer Protocol


Read More:

1 view

Comments


Commenting has been turned off.
bottom of page