Earth Baku’s Global Cyber Blitz: From Indo-Pacific to Europe, Middle East, and Africa
Earth Baku, a China-backed threat actor, has expanded its cyber mischief beyond the Indo-Pacific to Europe, the Middle East, and Africa. With new targets like Italy and Germany, and using tools like StealthVector and SneakCross, they’re spreading digital chaos faster than a cat video goes viral.
Hot Take:
Earth Baku’s new travel itinerary includes Europe, the Middle East, and Africa, and they’re not just there for the falafel and schnitzel. This cyber group is making waves like an over-caffeinated tourist with a selfie stick, and they’ve got a bag full of new tricks and malware to boot!
Key Points:
- Earth Baku expands its operations to Europe, the Middle East, and Africa, targeting countries like Italy, Germany, U.A.E., and Qatar.
- Intrusions are aimed at governments, media and communications, telecoms, technology, healthcare, and education sectors.
- The group uses updated tactics involving public-facing applications like IIS servers to deploy sophisticated malware.
- New malware families include StealthReacher, SneakCross, and tools like Godzilla web shell, iox, Rakshasa, and MEGAcmd.
- Earth Baku leverages Google services for command-and-control (C2) communication and MEGA cloud storage for data exfiltration.
Already a member? Log in here