Security News > 2022 > January > Earth Lusca Hackers Aimed at High-Value Targets in Government and Private Sectors

An elusive threat actor called Earth Lusca has been observed striking organizations across the world as part of what appears to be simultaneously an espionage campaign and an attempt to reap monetary profits.

"The list of its victims includes high-value targets such as government and educational institutions, religious movements, pro-democracy and human rights organizations in Hong Kong, COVID-19 research organizations, and the media, amongst others," Trend Micro researchers said in a new report.

Earth Lusca's intrusion routes are facilitated by spear-phishing and watering hole attacks, while also leveraging vulnerabilities in public-facing applications, such as Microsoft Exchange ProxyShell and Oracle GlassFish Server exploits, as an attack vector.

Telemetry data gathered by Trend Micro reveal that Earth Lusca staged attacks against entities that could be of strategic interest to the Chinese government, including -.

"Evidence points to Earth Lusca being a highly-skilled and dangerous threat actor mainly motivated by cyberespionage and financial gain. However, the group still primarily relies on tried-and-true techniques to entrap a target," the researchers said.

"While this has its advantages, it also means that security best practices, such as avoiding clicking on suspicious email/website links and updating important public-facing applications, can minimize the impact - or even stop - an Earth Lusca attack."

News URL

https://thehackernews.com/2022/01/earth-lusca-hackers-aimed-at-high-value.html