• About Us
  • Our Editorial Policy
  • Business Directory
  • Advertise with Us
  • Our Advertisers
  • Contact Us
Australia India News
  • Alluring India - Brisbane Banner
India News Australia
  • Home
  • Current Issue
    Past Issue
  • India News
  • Business
  • World
    World This Week
  • Community News
  • What's On
  • Others
    Yoga in Australia News COVID-19 Community News Naari IPL News Health Travel Entertainment
  • National Events
  • Alluring India 2026
  • Please wait..
Business and Trade news

China-backed hackers hit Asian govts, defence sectors, NATO countries: Report

  • BY India News Newsdesk
  • May 2, 2026
  • 0 COMMENTS

New Delhi, May 2 (IANS) China-aligned hackers have targeted government and defence sectors across South, East and Southeast Asia, along with a NATO member in Europe, in a fresh cyber espionage campaign, a report has claimed.

A report by The Hacker News highlighted that the activity has been attributed to a threat cluster tracked as ‘SHADOW-EARTH-053’, which researchers assess has been active since at least December 2024, and shares overlaps with previously identified groups such as Earth Alux and REF7707.

The campaign primarily exploits known vulnerabilities in internet-facing Microsoft Exchange Server and Internet Information Services (IIS) systems to breach unpatched networks, it said

It further highlighted that security researchers stated that the group exploits N-day vulnerabilities in internet-facing Microsoft Exchange and IIS servers, then deploys web shells for persistent access and stages ShadowPad implants.

Countries targeted include India, Thailand, Malaysia, Myanmar, Sri Lanka, Taiwan and Pakistan, while Poland was identified as the only European nation affected.

The attackers deploy web shells such as ‘Godzilla’ to maintain remote access and later install the ShadowPad malware using DLL side-loading techniques, often leveraging legitimate signed executables to evade detection.

The report noted that the intrusions begin with the exploitation of security flaws to gain initial access, followed by reconnaissance and lateral movement using tools such as Mimikatz and custom remote desktop protocol launchers.

In some cases, the campaign also involved the exploitation of a vulnerability dubbed ‘React2Shell’ to distribute a Linux variant of Noodle RAT, a remote access trojan.

The attack chain has been linked by other researchers to a group known as ‘UNC6595’.

The report noted overlaps with another intrusion set, ‘SHADOW-EARTH-054’, with nearly half of the observed targets, particularly in Malaysia, Sri Lanka and Myanmar — previously compromised, though no direct operational coordination has been confirmed.

To evade detection and maintain persistence, the attackers also used open-source tunnelling tools such as IOX, GOST and Wstunnel, along with packing utilities to conceal malicious binaries, according to the report.

Trend Micro advised organisations to prioritise patching of Microsoft Exchange and IIS systems and deploy intrusion prevention or web application firewall solutions where immediate updates are not feasible.

Meanwhile, researchers flagged phishing campaigns by two other China-linked groups, dubbed ‘GLITTER CARP’ and ‘SEQUIN CARP’, targeting journalists and civil society groups.

However, the campaigns, first detected in April and June 2025, impersonated journalists, organisations and technology firms in phishing emails aimed at stealing credentials or gaining access to accounts.

–IANS

ag/na

Post navigation

ECI deploys additional counting observers and police observers in West Bengal
5.96 lakh PNG connections gasified, infrastructure created for additional 2.68 lakh connections: Centre

Related Post

Wall Street unites behind child investment plan
July 7, 2026
AI, digital technologies can empower MSMEs, startups and exporters: Piyush Goyal
July 7, 2026
Air India appoints Skytech-AIC to sell six Airbus A319 aircraft amid fleet modernisation
July 7, 2026
India can emerge as the world’s ‘connector economy’: Anand Mahindra
July 7, 2026

Our Current Issue

Australia India News – July 1-15-2026

Alluring India 2026

Alluring India 2026

Our Advertisers

  • Battery Rebate australia
  • Bess Australia Solar Panels
  • Alluring India - Brisbane 2026

Follow Us

  • facebook
  • facebook
  • facebook
  • facebook
INDIA NEWS on YouTube in Australia, bring to our readers and subscribers national and international news, editorials, expert columns, community activities and interviews of political leaders, celebrities, business professionals, academics and sport personalities among others.
  • facebook
  • facebook
  • facebook
  • facebook

Category

  • Accident
  • Adani Australia
  • Advertorial
  • Arts & Culture
  • Ashes 2022
  • Australia

Recent News

  • Infantino defends FIFA judicial independence, admits Trump...
  • Maha Congress to launch statewide protest today...

Subscribe Newsletter

Get the latest creative news from india news

  • Privacy Policy
  • Disclaimer
Alluring India 2026