🇨🇳

Earth Kurma

APT Group Information theft and espionage ETDA ✓

Also Known As

No alias recorded

Target Countries 4

Countries highlighted in red

Malaysia Philippines Thailand Vietnam

Sectors Targeted

Telecommunications Government

Details

Origin 🇨🇳 CN
Last Updated 05 Jan 2026

MITRE ATT&CK 16

T1005 - Data from Local System T1021 - Remote Services T1053 - Scheduled Task/Job T1055 - Process Injection T1071 - Application Layer Protocol T1074 - Data Staged T1078 - Valid Accounts T1083 - File and Directory Discovery T1112 - Modify Registry T1133 - External Remote Services T1140 - Deobfuscate/Decode Files or Information T1190 - Exploit Public-Facing Application T1505.002 - Transport Agent T1547 - Boot or Logon Autostart Execution T1567 - Exfiltration Over Web Service T1595 - Active Scanning

Related Zero-Days

No zero-day CVE linked to this actor