Summary: Trend Micro has uncovered Earth Alux, a sophisticated China-linked APT group targeting strategic sectors in the Asia-Pacific and Latin America. Utilizing advanced tools like the VARGEIT backdoor and COBEACON, they execute cyber-espionage with minimal detection, emphasizing the threat to sensitive data across various industries. The group's operations highlight a growing emphasis on maintaining persistent access while employing complex evasion tactics.
Affected: Government, Telecommunications, Technology, Logistics, Manufacturing, IT Services, Retail
Key points:
- Earth Alux targets high-value information across various sectors, with initial detection in Q2 2023.
- VARGEIT functions as a multi-stage backdoor, facilitating remote access, fileless execution, and lateral movement.
- Leveraging Microsoft Outlook for covert C2 communication, the group employs meticulous tactics to remain stealthy while exfiltrating data.
Source: https://securityonline.info/earth-alux-apt-group-unveiling-its-espionage-toolkit/