← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
China Aligned Cyberespionage Campaign Targets Governments
WHITE CODERED_VTA 2026-05-06 Modified: 2026-05-06
23
IOCs
MEDIUM VOLUME
Cybersecurity researchers have identified a China-aligned espionage campaign targeting government and defense organizations across South, East, and Southeast Asia, as well as a European NATO member. The activity cluster, tracked as SHADOW-EARTH-053, has been active since at least late 2024 and shows overlaps with previously known threat groups. Researchers said the attackers primarily exploit known vulnerabilities in internet-facing Microsoft Exchange and IIS servers, including flaws similar to...
initial-accesspersistenceprivilege-escalationexfiltrationT1190T1204T1215mediumvtathreat-intelligence
Indicators of Compromise (4 / 23 total)
All CVE FileHash-MD5 FileHash-SHA1 IPv4 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 7c698dd4090564b179309c2a64266424 2026-05-06
FileHash-MD5 8918a891b4f8517af671bea58f0bae25 2026-05-06
FileHash-MD5 8ff586d02536d460bb020d4b400dba61 2026-05-06
FileHash-MD5 e5e0e0c0fadacee1105bd340fa1b2e6d 2026-05-06
References (1)
↗ https://www.trendmicro.com/en_us/research/26/d/inside-shadow-earth-053.html