Chinese Cyber Shenanigans: Earth Ammit’s Drone Supply Chain Disruption in Taiwan and South Korea
Earth Ammit’s Venom and Tidrone campaigns disrupted Taiwan and South Korea’s drone supply chain with precision. These Chinese threat actors hacked their way into trusted vendor systems, proving that supply chain attacks can ripple globally. Trend Micro notes their shift from open-source tools to custom malware for stealthy cyberespionage.
Hot Take:
Wow, Earth Ammit isn’t just trying to take control of drones; they’re trying to fly them all the way to the moon! In a move that screams “villain from a Bond movie,” they’re targeting the drone supply chain like it’s the last piece of cake at a birthday party. With their sneaky two-step campaigns, Tidrone and Venom, they’re the cyber equivalent of a bad romcom where someone tries to ruin a wedding… except no one’s laughing here.
Key Points:
- Earth Ammit, a Chinese threat actor, targets the drone supply chain in Taiwan and South Korea.
- The campaigns, Tidrone and Venom, were conducted between 2023 and 2024 across multiple sectors.
- Hacking techniques included exploiting ERP software and remote desktop access.
- Venom used open-source tools for web server vulnerability exploitation.
- Tidrone focused on malware distribution and cyberespionage.