| SYMBOL | COMMON_NAME | aka. SYNONYMS |
Earth Naga is an APT group that has persistently targeted high-value organizations, including government agencies, telecommunications, and military-related manufacturers, primarily in Taiwan and the broader APAC region. They have been linked to the use of Draculoader and ShadowPad C&C infrastructure, demonstrating sophisticated TTPs such as establishing SSH connections through compromised mail servers. Earth Naga has collaborated with Earth Estries, sharing access to facilitate continued exploitation, complicating detection and attribution efforts. Their operations reflect a growing interest in global intelligence collection, extending to NATO member countries and Latin America.
There are currently no families associated with this actor.
| 2025-10-22
⋅
Trend Micro
⋅
The Rise of Collaborative Tactics Among China-aligned Cyber Espionage Campaigns Cobalt Strike DracuLoader ShadowPad Earth Naga |