🇨🇳
Earth Alux
APT Group
Information theft and espionage
1 zero-day CVE
ETDA ✓
Also Known As
No alias recorded
Target Countries 10
Brazil
India
Sri Lanka
Myanmar
Malaysia
Philippines
Pakistan
Poland
Thailand
Province of China Taiwan
Sectors Targeted
NAICS:48
48
Hardware Manufacturing
332510
Shipping and Logistics
Retail
Computer Systems Design and Related Services
5415
Telecommunications
517
Couriers and Express Delivery Services
492110
IT
Government
Space Research and Technology
927
Computer and Electronic Product Manufacturing
334
NAICS:31
31
Professional, Scientific, and Technical Services
54
Telecommunications
Electrical Equipment, Appliance, and Component Manufacturing
335
Couriers and Express Delivery Services
4921
Justice, Public Order, and Safety Activities
922
Technology
Information
51
Manufacturing
NAICS:44
44
National Security and International Affairs
928
National Security and International Affairs
928110
Wholesale Trade
42
Public Administration
92
Computer Systems Design Services
541512
Details
Origin
🇨🇳 CN
Last Updated
05 Jan 2026
MITRE ATT&CK 26
T1003.001 - LSASS Memory
T1021.001 - Remote Desktop Protocol
T1027 - Obfuscated Files or Information
T1036 - Masquerading
T1041 - Exfiltration Over C2 Channel
T1053 - Scheduled Task/Job
T1055 - Process Injection
T1056.001 - Keylogging
T1071 - Application Layer Protocol
T1071.001 - Web Protocols
T1078 - Valid Accounts
T1090 - Proxy
T1105 - Ingress Tool Transfer
T1133 - External Remote Services
T1134 - Access Token Manipulation
T1140 - Deobfuscate/Decode Files or Information
T1190 - Exploit Public-Facing Application
T1505.003 - Web Shell
T1543.003 - Windows Service
T1547.001 - Registry Run Keys / Startup Folder
T1552.001 - Credentials In Files
T1566 - Phishing
T1567 - Exfiltration Over Web Service
T1573 - Encrypted Channel
T1583.003 - Virtual Private Server
T1588.002 - Tool