#LodeInfo
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks #cybersecurity #infosec #privacy #news thehackernews.com/20...
January 25, 2024 at 4:47 PM
MirrorFace is a China-linked APT10 subgroup focused on cyber espionage since 2019, known for attacks using the LODEINFO, HiddenFace and ANEL backdoors against defense, media, diplomatic institutions and financial organizations, mainly in Japan and recently Europe.

#ESET #Cybersecurity #APT
March 31, 2025 at 8:33 AM

⚠️ #Chinese hackers have upgraded the LODEINFO #malware to target #Japanese organizations. They're spreading it via spear-phishing emails containing malicious Word documents, which install the backdoor through macros.
thehackernews.com/2024/01/lode...
#hacking #cybersecurity
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
APT10, a Chinese nation-state hacking group, has updated its LODEINFO backdoor to target Japanese organizations with fileless malware.
thehackernews.com
January 25, 2024 at 11:02 PM
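#Japan also a #target: #Earth_Kasha deploys #LODEINFO and #NOOPDOOR against #technology_companies and #government_agencies | Codebook|Security News
In the attacks, after access is obtained, to establish persistence Cobalt Strike ... CrowdStrike researchers, the state-sponsored threat actor suspected of links to China, "LIMINAL PANDA ...
codebook.machinarecord.com/threatreport...
Japan also a target: Earth Kasha deploys LODEINFO and NOOPDOOR against technology companies and government agencies | Codebook|Security News
Earth Kasha deploys LODEINFO and NOOPDOOR against technology companies and government agencies | Latest campaign using Docusign impersonates various government agencies | LIMINAL PANDA targets the telecommunications sector for espionage, and more.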
codebook.machinarecord.com
November 23, 2024 at 12:31 AM
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware #cybersecurity #infosec #privacy #news thehackernews.com/20...
July 31, 2024 at 4:01 PM
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella | Trend Micro (US) www.trendmicro.com/en_us/resear...
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with signific...
www.trendmicro.com
November 20, 2024 at 6:09 AM
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
APT10, a Chinese nation-state hacking group, has updated its LODEINFO backdoor to target Japanese organizations with fileless malware.
thehackernews.com
January 25, 2024 at 12:21 PM
The group primarily leveraged #ANEL as a first-stage backdoor; #HiddenFace – MirrorFace’s flagship backdoor – was dropped later in the attack to bolster persistence. Notably absent this time was #LODEINFO, which #MirrorFace typically employs. 7/8
March 18, 2025 at 10:03 AM
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware
Chinese APT10 group targets Japanese firms with LODEINFO and NOOPDOOR malware, Cybereason uncovers prolonged cyber espionage.
thehackernews.com
July 31, 2024 at 11:38 AM
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks

#thehackersnews
LODEINFO Fileless Malware Evolves with Anti-Analysis and Remote Code Tricks
APT10, a Chinese nation-state hacking group, has updated its LODEINFO backdoor to target Japanese organizations with fileless malware.
thehackernews.com
January 25, 2024 at 12:25 PM
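For a single piece of malware, what features were added and what changes in technique were made as the version went up. Several times more diligent than me. I also need to do more maintenance on the software I have made... "The never-ending battle between analysts and attackers over analysis evasion: LODEINFO v0.6.6 - …" https://blog.itochuci.co.jp/entry/2024/01/24/134047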
January 25, 2024 at 2:31 PM
1/3 - Japan confirms years of cyberattacks by the China-linked group "MirrorFace" (APT10). Since 2019, phishing campaigns, malware like LODEINFO & NOOPDOOR, and VPN exploits targeted government agencies, academia, and industries, compromising data and critical systems.
January 9, 2025 at 8:41 AM
February 2, 2024 at 5:33 PM
4/6
💻 The Payloads:

Post-exploit, Earth Kasha deploys:

Cobalt Strike: For lateral movement.

LodeInfo: Info-stealing malware.

NoopDoor: Custom backdoor.
Their goal? Long-term persistence and espionage.
December 2, 2024 at 11:03 AM
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware

#thehackersnews
Chinese Hackers Target Japanese Firms with LODEINFO and NOOPDOOR Malware
Chinese APT10 group targets Japanese firms with LODEINFO and NOOPDOOR malware, Cybereason uncovers prolonged cyber espionage.
thehackernews.com
July 31, 2024 at 11:30 AM
MirrorFace, a Chinese state-sponsored group, has targeted Japan since 2019, stealing tech and security data via phishing, exploited vulnerabilities (Array, Fortinet, Citrix), and malware (LODEINFO, ANEL, NOOPDOOR). Monitor for suspicious activity. #MirrorFaceThreat
January 10, 2025 at 5:07 AM
China's MSS has used #CobaltStrike to host their C&C #servers & deploy LODEINFO and NOOPDOOR on company networks through Cobalt "beacons."

#APT10 #CuckooSpear

www.potatoeason.com/blog/cuckoo-...
September 21, 2024 at 8:14 AM
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella https://buff.ly/3ZdtNKs
Spot the Difference: Earth Kasha's New LODEINFO Campaign And The Correlation Analysis With The APT10 Umbrella
LODEINFO is a malware used in attacks targeting mainly Japan since 2019. Trend Micro has been tracking the group as Earth Kasha. We have identified a new campaign connected to this group with…
buff.ly
November 25, 2024 at 9:42 AM