Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions

SUMMARY :

Earth Estries, a Chinese APT group, has been aggressively targeting critical sectors globally since 2023. The group employs advanced techniques and multiple backdoors, including GHOSTSPIDER, SNAPPYBEE, and MASOL RAT, to compromise organizations in telecommunications, government, and other industries across various countries. Their sophisticated attacks exploit server vulnerabilities for initial access and use living-off-the-land binaries for lateral movement. Earth Estries has successfully infiltrated over 20 organizations, demonstrating a complex C&C infrastructure and possible shared tools with other Chinese APT groups. The group's operations involve long-term espionage activities, targeting not only critical services but also vendor networks to facilitate broader access.

OPENCTI LABELS :

government,telecommunications,demodex,crowdoor,chinese apt,masol rat,sparrowdoor,snappybee


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions