Earth Ammit, a cyber espionage group, has been linked to two significant campaigns, VENOM and TIDRONE, targeting entities in Taiwan and South Korea, particularly in the military, satellite, and technology sectors. The VENOM campaign focuses on compromising software service providers to penetrate the drone supply chain, while TIDRONE attacks drone manufacturers with custom malware. Trend Micro notes the group's association with Chinese-speaking nation-state actors, and highlights the use of enterprise resource planning software and trusted communication channels to execute these attacks, emphasizing the risks posed by supply chain vulnerabilities.
Earth Ammitâs long-term goal is to compromise trusted networks via supply chain attacks, allowing them to target high-value entities downstream and amplify their reach.
The attacks are noteworthy for targeting the drone supply chain, leveraging enterprise resource planning (ERP) software to breach military and satellite industries.
Collection
[
|
...
]