Earth Baxia Targets APAC with Cyber Attacks
🦅 Earth Baxia Launches Targeted Cyber Attacks in APAC Using Advanced Techniques. The threat actor Earth Baxia, suspected to operate from China, has executed sophisticated cyber attacks against government and energy sectors in Taiwan and other Asia-Pacific countries. Utilizing spear-phishing emails and exploiting the GeoServer vulnerability (CVE-2024-36401), they deployed customized malware, including modified Cobalt Strike components and a new backdoor named EAGLEDOOR. These attacks involved advanced techniques such as DLL side-loading and multi-protocol communication for data exfiltration. The group’s operations highlight the need for enhanced cybersecurity measures, including phishing awareness training and multi-layered protection solutions, to mitigate risks associated with such sophisticated threats.
