“china - linked hackers target asian governments, nato state, journalists, and activists cybersecurity researchers have disclosed details of a new china - aligned espionage campaign targeting government and defense sectors across south, east, and southeast asia, along with one eur…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
95%
“been tied to phishing campaigns targeting the taiwanese semiconductor industry. some aspects of these efforts were previously documented by proofpoint in july 2025 under the name unk _ sparkycarp. sequin carp ( aka unk _ dualtone ), on the other hand, shares similarities with a g…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1505.003Web Shell
86%
“, and taiwan. the lone european country that features in the threat actor ' s victimology footprint is poland. the cybersecurity vendor said it observed nearly half the shadow - earth - 053 targets, particularly those in malaysia, sri lanka, and myanmar, also compromised earlier …”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
74%
“china - linked hackers target asian governments, nato state, journalists, and activists cybersecurity researchers have disclosed details of a new china - aligned espionage campaign targeting government and defense sectors across south, east, and southeast asia, along with one eur…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1190Exploit Public-Facing Application
73%
“linked this attack chain to a group known as unc6595. also put to use are open - source tunneling tools like the iox, go simple tunnel ( gost ), and wstunnel, as well as ringq to pack malicious binaries and evade detection. to facilitate privilege escalation, shadow - earth - 053…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
72%
“" glitter carp and sequin carp go after activists and journalists the disclosure comes as the citizen lab flagged a new phishing campaign undertaken by two distinct china - affiliated threat actors targeting and impersonating journalists and civil society, including uyghur, tibet…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
T1566.002Spearphishing Link
48%
“a recent shift. " we have observed unk _ sparkycarp ( glitter carp ) conducting credential phishing activity against academic, political, semiconductor, and legal sector targets in the united states, europe, and taiwan, " kelly added. " we have not observed the group targeting ci…”
Which technique(s) should be tagged here? Pick zero or more — leaving blank just records that the original was wrong.
No matches for .
Loading techniques…
Summary
Cybersecurity researchers have disclosed details of a new China-aligned espionage campaign targeting government and defense sectors across South, East, and Southeast Asia, along with one European government belonging to NATO.
Trend Micro has attributed the activity to a threat activity cluster it tracks under the temporary designation SHADOW-EARTH-053. The adversarial collective is assessed to