We detail the intrusion set Earth Yako, attributed to the campaign Operation RestyLink or EneLink. This analysis was presented in full at the JSAC 2023 in January 2023.
In 2021, we observed several targeted attacks against researchers of academic organizations and think tanks in Japan. We have since been tracking this series of attacks and identified the new intrusion set we have named “Earth Yako”.…