Earth Lamia Strikes: China’s Cyber Espionage Escapades Targeting Global Industries Unveiled

Earth Lamia, a China-linked threat actor, has been exploiting multiple vulnerabilities like CVE-2025-31324 in SAP NetWeaver for cyber espionage. The group targets organizations across Brazil, India, and Southeast Asia, shifting from financial services to logistics, online retail, and now IT, universities, and government entities.

Pro Dashboard

Hot Take:

Well, it seems like China-linked hackers have decided to take their talents on a worldwide tour! With targets spanning from Bollywood to beaches in Southeast Asia, these cybercriminals are really getting their frequent flyer miles in. Just remember, folks, the only thing scarier than a 404 Error is a hacker with a passport and a penchant for SQL injections!

Key Points:

  • The China-linked group, Earth Lamia, is exploiting SAP NetWeaver and other vulnerabilities.
  • Targets include a variety of sectors in Brazil, India, and Southeast Asia.
  • They use a mix of custom backdoors and known vulnerabilities for infiltration.
  • Mimic ransomware attempts have been largely unsuccessful in India.
  • Their focus has shifted from financial services to logistics, retail, IT, and government.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?