Earth Naga is an APT group that has persistently targeted high-value organizations, including government agencies, telecommunications, and military-related manufacturers, primarily in Taiwan and the broader APAC region. They have been linked to the use of Draculoader and ShadowPad C&C infrastructure, demonstrating sophisticated TTPs such as establishing SSH connections through compromised mail servers. Earth Naga has collaborated with Earth Estries, sharing access to facilitate continued exploitation, complicating detection and attribution efforts. Their operations reflect a growing interest in global intelligence collection, extending to NATO member countries and Latin America.
References
Actor metadata imported from Malpedia (Fraunhofer FKIE).