Spot the difference: earth kasha’s new lodeinfo campaign and the correlation analysis with the apt10 umbrella

Intel Name: Spot the difference: earth kasha’s new lodeinfo campaign and the correlation analysis with the apt10 umbrella

Date of Scan: November 22, 2024

Impact: High

Summary:
LODEINFO is malware primarily targeting Japan since 2019, attributed to a group Trend Micro tracks as Earth Kasha. While some vendors link this group to APT10, there is insufficient evidence to confirm the connection. Trend Micro treats APT10 and Earth Kasha as separate entities but uses the term “APT10 Umbrella” to describe intrusion sets potentially related to APT10. Earth Kasha, known for targeting public institutions and academics via spear-phishing, launched a new campaign from early 2023 to 2024 with updated strategies, tactics, and tools.

More Details