{"id":55435,"date":"2024-02-26T00:00:00","date_gmt":"2024-02-26T00:00:00","guid":{"rendered":"urn:uuid:2cbfb951-b24e-cbab-3736-3c093dccba04"},"modified":"2024-02-26T00:00:00","modified_gmt":"2024-02-26T00:00:00","slug":"earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/","title":{"rendered":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/Lusca-2024-cover:Large?qlt=80\"><\/p>\n<div><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/24\/Lusca-2024-cover.png\" class=\"ff-og-image-inserted\"><\/div>\n<p>The folder also contained an LNK file and a __MACOS folder with payload, this time timestamped Dec. 22, 2023.<\/p>\n<p>Similar to the previously analyzed archive, several stages lead to this last stage (namely Cobalt Strike), only with different configurations. The C&amp;C server name abuses the name of the cybersecurity company Cybereason. The malleable profile is also different this time and uses different URLs, although the watermark remains the same.<\/p>\n<p><span class=\"blockquote\">C2Server&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#8211; www.cybereason.xyz,\/mobile-android<br \/>HttpPostUri&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#8211; \/RELEASE_NOTES<br \/>Watermark&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp; &#8211; 100000000<\/span><\/p>\n<p>As mentioned in the introduction, the campaign exposed in this report was likely active between December 2023 and January 2024, with the lure document created just two days before the Taiwanese national elections.<\/p>\n<p>The C&amp;C domain used by Earth Lusca (<i>updateservice[.]store<\/i>) was registered anonymously on Dec. 12, 2023 and a subdomain was used for C&amp;C communications (<i>upserver.updateservice[.]store<\/i>).<\/p>\n<p>Meanwhile, the other C&amp;C domain used in this attack campaign (<i>Cybereason[.]xyz<\/i>) was registered anonymously on Oct. 27, 2023.<\/p>\n<p>Both C&amp;C servers are unavailable as of this writing.<\/p>\n<p>We also found evidence that Earth Lusca targeted a Taiwan-based private academic think tank dedicated to the study of international political and economic situations.<\/p>\n<p>While we could not find other campaign targets at the time of writing, we suspect Earth Lusca might be planning to attack more politically related entities.<\/p>\n<p>A recent leak on GitHub exposed sizeable data on a Chinese company called I-Soon that has seemingly been active since 2016. The company describes itself on its website as an \u201cAPT Defense and Research Laboratory\u201d and provides descriptions of its services: offensive and defensive security, antifraud solutions, blockchain forensics solutions, security products, and more. The group also notes several law enforcement and government entities with which it collaborates. As an interesting aside, I-Soon had been the recipient of a few rounds of fundings since 2017. One of its investors was the antivirus company Qihoo from China \u2014&nbsp; which, as stated earlier, had an executable file abused for DLL hijacking.<\/p>\n<p>We found a few indicators in the I-Soon leak that made us believe that some of the Earth Lusca activities are similar to the contents of the leak:<\/p>\n<ol>\n<li>There is some victim overlap between Earth Lusca and I-Soon: Some of the names on the victim lists of the I-Soon leak were also victims of Earth Lusca\u2019s attacks.<\/li>\n<li>The malware and tools arsenal used by I-Soon and Earth Lusca has a few strong overlaps. Malware such as <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/23\/g\/supply-chain-attack-targeting-pakistani-government-delivers-shad.html\">ShadowPad<\/a>, <a href=\"https:\/\/www.trendmicro.com\/vinfo\/us\/security\/news\/cyber-attacks\/winnti-group-resurfaces-with-portreuse-backdoor-now-engages-in-illicit-cryptocurrency-mining\">Winnti<\/a> and a few other tools have been used extensively by Earth Lusca and are used by i-Soon as well.<\/li>\n<li>We also discovered a location overlap between the two. In a <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/23\/i\/earth-lusca-employs-new-linux-backdoor.html\">blog entry in September 2023<\/a>, we mentioned that Earth Lusca\u2019s source IP addresses are from Chengdu, Sichuan province, where the main office of I-Soon\u2019s penetration teams is also located.<\/li>\n<\/ol>\n<p>&nbsp;Earth Lusca remains an active threat actor that counts cyberespionage among its primary motivations. Organizations must remain vigilant against APT groups employing sophisticated TTPs. In particular, government organizations face potential harm that could affect not only national and economic security but also international relations if malicious actors were to succeed in stealing classified information. Meanwhile, businesses that fall prey to cyberespionage attacks might face a decline in customer trust and operational disruptions that in turn lead to financial repercussions.<\/p>\n<p>Given Earth Lusca&#8217;s penchant for using email, resorting to social engineering as one of its main avenues of infection, and capitalizing on relevant social and political issues as seen in this campaign, we advise individuals and organizations to adhere to security best practices, such as avoiding clicking on suspicious email and website links and updating software in a timely manner to minimize the chances of falling victim to an Earth Lusca attack<\/p>\n<p><span class=\"body-subhead-title\">MITRE ATT&amp;CK techniques<\/span><\/p>\n<p>Below listed techniques are subset of <a href=\"https:\/\/attack.mitre.org\/\">MITRE ATT&amp;CK list<\/a>..<\/p>\n<p> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/b\/earth-lusca-uses-geopolitical-lure-to-target-taiwan.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>During our monitoring of Earth Lusca, we noticed a new campaign that used Chinese-Taiwanese relations as a social engineering lure to infect selected targets. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":55436,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9546,9510,9508,9513,9509],"class_list":["post-55435","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-apttargeted-attacks","tag-trend-micro-research-articles-news-reports","tag-trend-micro-research-endpoints","tag-trend-micro-research-malware","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-02-26T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/Lusca-2024-cover:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections\",\"datePublished\":\"2024-02-26T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/\"},\"wordCount\":716,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/02\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png\",\"keywords\":[\"Trend Micro Research : APT&amp;Targeted Attacks\",\"Trend Micro Research : Articles, News, Reports\",\"Trend Micro Research : Endpoints\",\"Trend Micro Research : Malware\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/\",\"name\":\"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/02\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png\",\"datePublished\":\"2024-02-26T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/02\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/02\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png\",\"width\":976,\"height\":533},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : APT&amp;Targeted Attacks\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-apttargeted-attacks\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/","og_locale":"en_US","og_type":"article","og_title":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-02-26T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/Lusca-2024-cover:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections","datePublished":"2024-02-26T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/"},"wordCount":716,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/02\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png","keywords":["Trend Micro Research : APT&amp;Targeted Attacks","Trend Micro Research : Articles, News, Reports","Trend Micro Research : Endpoints","Trend Micro Research : Malware","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/","url":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/","name":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/02\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png","datePublished":"2024-02-26T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/02\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/02\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections.png","width":976,"height":533},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/earth-lusca-uses-geopolitical-lure-to-target-taiwan-before-elections\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : APT&amp;Targeted Attacks","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-apttargeted-attacks\/"},{"@type":"ListItem","position":3,"name":"Earth Lusca Uses Geopolitical Lure to Target Taiwan Before Elections"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55435","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=55435"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/55435\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/55436"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=55435"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=55435"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=55435"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}