Earth Ammit Hackers Attacking Using New Tools to Attack Drones Used in Military Sectors

A sophisticated threat actor known as Earth Ammit has launched coordinated multi-wave attacks targeting drone supply chains, primarily in Taiwan’s military and satellite industries. The group, which security researchers have linked to Chinese-speaking APT groups, executed two distinct campaigns between 2023 and 2024, demonstrating an evolution in tactics and tooling that poses significant risks to the military and aerospace sectors.

Trend Micro researchers identified that Earth Ammit’s operations demonstrate a sophisticated understanding of supply chain vulnerabilities, employing two distinct attack paths: classic supply chain attacks that inject malicious code into legitimate software, and general supply chain attacks that leverage trusted communication channels to distribute malware without altering software artifacts. Through these supply chain attacks, Earth Ammit positioned itself to target downstream customers, creating a ripple effect that extended the attackers’ reach to high-value military assets.

Following this initial compromise, Earth Ammit pivoted to a more targeted second wave called TIDRONE, which specifically targeted military industry entities through the upstream supply chain. Victims of these attacks were primarily in Taiwan and South Korea, and included organizations in the military, satellite, heavy industry, media, technology, software services, and healthcare sectors.

This Cyber News was published on cybersecuritynews.com. Publication date: Wed, 14 May 2025 12:35:04 +0000


Cyber News related to Earth Ammit Hackers Attacking Using New Tools to Attack Drones Used in Military Sectors

Chinese APT Hackers Earth Krahang Exploits Government Exchange Servers - A new Advanced Persistent Threat campaign, dubbed Earth Krahang, has emerged with a focus on infiltrating government entities across the globe. This campaign, active since early 2022, has been linked to a China-nexus threat actor, previously ...
1 year ago Cybersecuritynews.com CVE-2023-32315 CVE-2022-21587 Earth Lusca
Look up: The new frontier of cyberthreats is in the sky - Attackers replaced Digiwin’s original Update.exe execution file with Winword.exe. Update.exe is part of Digiwin’s auto update workflow, but attackers caused it to launch Microsoft Word 2010 instead, which loaded a backdoor that could ...
3 months ago Bleepingcomputer.com
Congressional leaders concerned by NYPD's use of Chinese-made drones - Members of Congress expressed concern Thursday about New York City's plan to use Chinese-made drones to assist police responding to gunfire in five high-crime precincts. The program, which is currently being tested, will pair drones with the ...
1 year ago Therecord.media
The Dangerous Mystery of Hamas' Missing 'Suicide Drones' - Faced with the looming possibility that Hamas could leverage some of the same techniques, Israel began running drills, practicing with fighter jets to intercept UAVs. In February 2014, it announced a prototype of a new air defense system: The "Iron ...
1 year ago Wired.com
US Gov warn drones can be tools for Chinese espionage The Register - Two US government agencies, the Cybersecurity and Infrastructure Security Agency and Federal Bureau of Investigation, warned on Wednesday that drones made in China could be used to gather information on critical infrastructure. Those expanded legal ...
1 year ago Theregister.com
Chinese Earth Krahang hackers breach 70 orgs in 23 countries - A sophisticated hacking campaign attributed to a Chinese Advanced Persistent Threat group known as 'Earth Krahang' has breached 70 organizations and targeted at least 116 across 45 countries. According to Trend Micro researchers monitoring the ...
1 year ago Bleepingcomputer.com CVE-2023-32315 CVE-2022-21587 Earth Lusca GALLIUM
Drone As First Responder Programs Are Swarming Across the United States - Police DFR programs involve a fleet of drones, which can range in number from four or five to hundreds. In response to 911 calls and other law enforcement calls for service, a camera-equipped drone is launched from a regular base to get to the ...
11 months ago Eff.org
DHS and FBI: Chinese Drones Pose Major Threat to U.S. Security - The cybersecurity arm of the Department of Homeland Security and the Federal Bureau of Investigation have jointly issued a public service announcement cautioning about the potential risks posed by Chinese-manufactured drones to critical ...
1 year ago Cysecurity.news
Chinese APT Hacks 48 Government Organizations - An advanced persistent threat actor likely operating on behalf of the Chinese government has compromised dozens of foreign government entities worldwide, Trend Micro reports. Referred to as Earth Krahang, the hacking group appears linked to Earth ...
1 year ago Securityweek.com Earth Lusca
Earth Alux Hackers Employ VARGIET Malware to Attack Organizations - Initially targeting the Asia-Pacific region, the group expanded its operations to Latin America by mid-2024, primarily focusing on government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors in countries ...
2 months ago Cybersecuritynews.com
How Israel Is Defending Against Iran's Drone Attack - On Saturday, Iran launched more than 200 drones and cruise missiles at Israel. As the drones made their way across the Middle East en route to their target, Israel has invoked a number of defense systems to impede their progress. The Iron Dome, ...
1 year ago Wired.com Rocke
8 Tips on Leveraging AI Tools Without Compromising Security - Forecasts like the Nielsen Norman Group estimating that AI tools may improve an employee's productivity by 66% have companies everywhere wanting to leverage these tools immediately. How can companies employ these powerful AI/ML tools without ...
1 year ago Darkreading.com
Chinese APT 'Earth Krahang' Compromises 48 Gov't Orgs on 5 Continents - A previously unidentified Chinese espionage group has managed to breach at least 70 organizations across 23 countries, including 48 in the government space, despite using rather standard-fare tactics, techniques, and procedures. Fitting such a ...
1 year ago Darkreading.com CVE-2023-32315 CVE-2022-21587 BlackTech Mustang Panda Volt Typhoon
Power of Flexible Tech: Applying Conference Room Tech to Front Lines - We work with public safety, government, defense, security, and enterprise organizations to help them use unmanned systems, from drones to ground robotics, to enhance their situational awareness and streamline operations. The level of insight these ...
1 year ago Americansecuritytoday.com
The SFPD's Intended Purchase of a Robot Dog Triggers Board of Supervisors' Oversight Obligations - The San Francisco Police Department wants to get a robot quadruped, popularly known as a robot dog. The city's Board of Supervisors has a regulatory duty to probe into this intended purchase, including potentially blocking it altogether. The SFPD ...
11 months ago Eff.org
Investigating Common Patterns in Vietnam from the Perspective of Earth Zhulong - In 2020, a hacking group known as Earth Zhulong began targeting telecom, technology, and media sectors in Vietnam. After a long-term investigation, we believe that this group is likely related to the Chinese-linked hacking group 1937CN due to similar ...
2 years ago Trendmicro.com
FBI disrupts Moobot botnet used by Russian military hackers - The FBI took down a botnet of small office/home office routers used by Russia's Main Intelligence Directorate of the General Staff in spearphishing and credential theft attacks targeting the United States and its allies. This network of hundreds of ...
1 year ago Bleepingcomputer.com Fancy Bear APT28 Turla Volt Typhoon
SpaceX Launched Military Satellites Designed to Track Hypersonic Missiles - Two prototype satellites for the Missile Defense Agency and four missile-tracking satellites for the US Space Force rode a SpaceX Falcon 9 rocket into orbit Wednesday from Florida's Space Coast. These satellites are part of a new generation of ...
1 year ago Wired.com Rocke
CVE-2021-47275 - In the Linux kernel, the following vulnerability has been resolved: ...
1 year ago
A top-secret Chinese spy satellite just launched on a supersized rocket - China's largest rocket apparently wasn't big enough to launch the country's newest spy satellite, so engineers gave the rocket an upgrade. The Long March 5 launcher flew with a payload fairing some 20 feet taller than its usual nose cone when it took ...
1 year ago Packetstormsecurity.com Rocke
Earth Lusca - Earth Lusca is a suspected China-based cyber espionage group that has been active since at least April 2019. Earth Lusca has targeted organizations in Australia, China, Hong Kong, Mongolia, Nepal, the Philippines, Taiwan, Thailand, Vietnam, the ...
1 year ago Attack.mitre.org APT41 Earth Lusca Winnti Group
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28
The Dangers of Remote Management & Monitoring Tools for Cybersecurity - Remote monitoring and management (RMM) tools are used by business organizations to manage and monitor their enterprise IT infrastructure from a central location. However, the increasing sophistication of hackers and cybercriminals has caused both ...
2 years ago Csoonline.com
NJRat Campaign Unleashes Cyber Attack from Earth Bogle – The Hacker News - In a recent cyber attack, a well-known malware named NJRat is being unleashed from the Earth Bogle campaign, as reported by The Hacker News. An NJRat is a malicious code that can be used to gain system infiltration and access to web servers. It is ...
2 years ago Thehackernews.com