← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
China Aligned Cyberespionage Campaign Targets Governments
WHITE CODERED_VTA 2026-05-06 Modified: 2026-05-06
23
IOCs
MEDIUM VOLUME
Cybersecurity researchers have identified a China-aligned espionage campaign targeting government and defense organizations across South, East, and Southeast Asia, as well as a European NATO member. The activity cluster, tracked as SHADOW-EARTH-053, has been active since at least late 2024 and shows overlaps with previously known threat groups. Researchers said the attackers primarily exploit known vulnerabilities in internet-facing Microsoft Exchange and IIS servers, including flaws similar to...
initial-accesspersistenceprivilege-escalationexfiltrationT1190T1204T1215mediumvtathreat-intelligence
Indicators of Compromise (4 / 23 total)
All CVE FileHash-MD5 FileHash-SHA1 IPv4 FileHash-SHA256 domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 82eb4b752c60b99b451f7a53b8ac856afe9deb88 2026-05-06
FileHash-SHA1 c2870caa5f016822fdaf16e3c470f96eefd4b93f 2026-05-06
FileHash-SHA1 e7d4d5cac3e0f2adc24d9074997233ce21dc9805 2026-05-06
FileHash-SHA1 ffff45b776de1bc904a31db27882002d0aafc574 2026-05-06
References (1)
↗ https://www.trendmicro.com/en_us/research/26/d/inside-shadow-earth-053.html