Dark Mode Light Mode
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices
CSEC NEWS | Cybersecurity News | Stay informed on the latest cyber threats, vulnerabilities, and cybersecurity best practices

China-Linked Earth Alux Targets APAC & LATAM

China-Linked Earth Alux Targets APAC & LATAM China-Linked Earth Alux Targets APAC & LATAM
China-Linked Earth Alux Targets APAC & LATAM

New Cyber Espionage Campaign

Cybersecurity researchers have identified Earth Alux, a China-linked threat actor, targeting industries such as government, technology, logistics, telecommunications, and retail in the Asia-Pacific (APAC) and Latin America (LATAM) regions.

Attack Tactics & Malware Used

  • Initial Access: Exploiting vulnerable web applications to deploy Godzilla web shell and drop malware.
  • Key Malware:
    • VARGEIT: A backdoor that loads tools via mspaint.exe for reconnaissance and lateral movement.
    • COBEACON: A first-stage backdoor, delivered via MASQLOADER or RSBINJECT, with anti-API hooking capabilities.
  • Evasion Techniques:
    • DLL Side-Loading: Using RAILLOAD to run encrypted payloads stealthily.
    • Timestomping & Persistence: RAILSETTER modifies timestamps and sets up scheduled tasks.
    • Multi-Channel C2 Communication: Uses HTTP, TCP, UDP, ICMP, DNS, and Microsoft Outlook’s Graph API for stealthy data exchange.

Advanced Testing & Adaptation

Earth Alux leverages ZeroEye (for DLL side-loading detection) and VirTest (for security evasion testing) to refine its attack methods and avoid detection.

Conclusion

Earth Alux is a highly advanced cyberespionage threat, continuously evolving its tactics to infiltrate APAC and LATAM organizations. Strengthening threat detection, endpoint security, and proactive monitoring is crucial to defense.

Cybersecurity News
By pressing the Subscribe button, you confirm that you have read and are agreeing to our Privacy Policy and Terms of Use
Advertisement