{"id":57748,"date":"2024-11-25T00:00:00","date_gmt":"2024-11-25T00:00:00","guid":{"rendered":"urn:uuid:c74084d4-5fae-a65e-557f-c6528ab93863"},"modified":"2024-11-25T00:00:00","modified_gmt":"2024-11-25T00:00:00","slug":"game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/","title":{"rendered":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions"},"content":{"rendered":"<p><img decoding=\"async\" src=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EarthEstries-thumbnail:Large?qlt=80\"><\/p>\n<div><img decoding=\"async\" src=\"https:\/\/www.trendmicro.com\/content\/dam\/trendmicro\/global\/en\/research\/thumbnails\/EarthEstries-thumbnail.jpg\" class=\"ff-og-image-inserted\"><\/div>\n<h4>Summary<\/h4>\n<ul>\n<li>&nbsp;<\/li>\n<li><span class=\"rte-red-bullet\">Earth Estries, a Chinese APT group, has primarily targeted critical sectors like telecommunications and government entities across the US, Asia-Pacific, Middle East, and South Africa since 2023.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">The group employs advanced attack techniques and multiple backdoors, such as GHOSTSPIDER, SNAPPYBEE, and MASOL RAT, affecting several Southeast Asian telecommunications companies and government entities.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Earth Estries exploits public-facing server vulnerabilities to establish initial access and uses living-off-the-land binaries for lateral movement within networks to deploy malware and conduct long-term espionage.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">The group has compromised over 20 organizations, targeting various sectors including telecommunications, technology, consulting, chemical, and transportation industries, as well as government agencies and NGOs in numerous countries.<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Earth Estries uses a complex C&amp;C infrastructure managed by different teams, and their operations often overlap with TTPs of other known Chinese APT groups, indicating possible use of shared tools from malware-as-a-service providers.<\/span><\/li>\n<\/ul>\n<p>Since 2023, <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/23\/h\/earth-estries-targets-government-tech-for-cyberespionage.html\" target=\"_blank\" rel=\"noopener\">Earth Estries<\/a> (aka Salt Typhoon, FamousSparrow, GhostEmperor and UNC2286) has emerged as one of the most aggressive Chinese advanced persistent threat (APT) groups, primarily targeting critical industries such as telecommunications and government entities in the US, the Asia-Pacific region, the Middle East, and South Africa. In this blog entry, we will highlight their evolving attack techniques and analyze the motivation behind their operations, providing insights into their long-term targeted attacks.<\/p>\n<p>A key finding from our recent investigation is the discovery of a new backdoor, GHOSTSPIDER, identified during attacks on Southeast Asian telecommunications companies. We will explore the technical details of GHOSTSPIDER, its impact across multiple countries, and interesting findings when we were tracking its command-and-control (C&amp;C) infrastructure. We have also uncovered the group\u2019s use of the modular backdoor <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/k\/breaking-down-earth-estries-persistent-ttps-in-prolonged-cyber-o.html\" target=\"_blank\" rel=\"noopener\">SNAPPYBEE (aka Deed RAT)<\/a>, another tool shared among Chinese APT groups.&nbsp;<\/p>\n<p>Furthermore, we discovered that Earth Estries uses another cross-platform backdoor, which we initially identified during our investigation of Southeast Asian government incidents in 2020. We named it MASOL RAT based on its PDB string. We couldn\u2019t link MASOL RAT to any known threat group at the time due to limited information. However, this year we observed that Earth Estries has been deploying MASOL RAT on Linux devices targeting Southeast Asian government networks. More details about MASOL RAT will be provided in this blog entry.<\/p>\n<p>Recently, we also noticed that Microsoft has tracked the APT groups FamousSparrow and GhostEmperor <a href=\"https:\/\/learn.microsoft.com\/en-us\/defender-xdr\/microsoft-threat-actor-naming\" target=\"_blank\" rel=\"noopener\">under the name Salt Typhoon<\/a>. However, we don\u2019t have sufficient evidence that Earth Estries is related to the recent news of a <a href=\"https:\/\/wsj.com\/politics\/national-security\/u-s-officials-race-to-understand-severity-of-chinas-salt-typhoon-hacks-6e7c3951\" target=\"_blank\" rel=\"noopener\">recent Salt Typhoon cyberattack<\/a>, as we have not seen a more detailed report on Salt Typhoon. Currently, we can only confirm that some of Earth Estries\u2019 tactics, techniques, and procedures (TTPs) overlap with that of FamousSparrow and GhostEmperor.&nbsp;<\/p>\n<h4>Motivation<\/h4>\n<p>We have observed that Earth Esties has been conducting prolonged attacks targeting governments and internet service providers since 2020. In mid-2022, we noticed that the attackers also started targeting service providers for governments and telecommunications companies. For example, we found that in 2023, the attackers had also targeted consulting firms and NGOs that work with the U.S. federal government and military. The attackers use this approach to gather intelligence more efficiently and to attack their primary targets more quickly.&nbsp;<\/p>\n<p>Notably, we observed that attackers targeted not only critical services (like database servers and cloud servers) used by the telecommunications company, but also their vendor network. We found that they implanted the DEMODEX rootkit on vendor machines. This vendor is a primary contractor for the region\u2019s main telecommunications provider, and we believe that attackers use this approach to facilitate access to more targets.<\/p>\n<h4>Victimology<\/h4>\n<p>We found that Earth Estries successfully compromised more than 20 organizations in areas that include the telecommunications, technology, consulting, chemical, and transportation industries, government agencies, and non-profit organizations (NGOs). Victims also came from numerous countries, including:<\/p>\n<ul>\n<li><span class=\"rte-red-bullet\">Afghanistan<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Brazil&nbsp;<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Eswatini<\/span><\/li>\n<li><span class=\"rte-red-bullet\">India<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Indonesia<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Malaysia<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Pakistan<\/span><\/li>\n<li><span class=\"rte-red-bullet\">The Philippines<\/span><\/li>\n<li><span class=\"rte-red-bullet\">South Africa<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Taiwan<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Thailand<\/span><\/li>\n<li><span class=\"rte-red-bullet\">US<\/span><\/li>\n<li><span class=\"rte-red-bullet\">Vietnam<\/span><\/li>\n<\/ul>\n<p> Read More <a href=\"https:\/\/www.trendmicro.com\/en_us\/research\/24\/k\/earth-estries.html\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Since 2023, APT group Earth Estries has aggressively targeted key industries globally with sophisticated techniques and new backdoors, like GHOSTSPIDER and MASOL RAT, for prolonged espionage operations. Read More HERE&#8230;<\/p>\n","protected":false},"author":2,"featured_media":57749,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[61],"tags":[9546,9534,9509],"class_list":["post-57748","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-trendmicro","tag-trend-micro-research-apttargeted-attacks","tag-trend-micro-research-latest-news","tag-trend-micro-research-research"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v27.6 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2024-11-25T00:00:00+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EarthEstries-thumbnail:Large?qlt=80\" \/>\n<meta name=\"author\" content=\"TH Author\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@threatshub\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"TH Author\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/\"},\"author\":{\"name\":\"TH Author\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\"},\"headline\":\"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions\",\"datePublished\":\"2024-11-25T00:00:00+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/\"},\"wordCount\":654,\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg\",\"keywords\":[\"Trend Micro Research : APT&amp;Targeted Attacks\",\"Trend Micro Research : Latest News\",\"Trend Micro Research : Research\"],\"articleSection\":[\"TrendMicro\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/\",\"name\":\"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg\",\"datePublished\":\"2024-11-25T00:00:00+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2024\\\/11\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg\",\"width\":976,\"height\":533},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Trend Micro Research : APT&amp;Targeted Attacks\",\"item\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/tag\\\/trend-micro-research-apttargeted-attacks\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/wp-content\\\/uploads\\\/2025\\\/05\\\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"},\"sameAs\":[\"https:\\\/\\\/x.com\\\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.threatshub.org\\\/blog\\\/#\\\/schema\\\/person\\\/12e0a8671ff89a863584f193e7062476\",\"name\":\"TH Author\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"url\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"contentUrl\":\"https:\\\/\\\/secure.gravatar.com\\\/avatar\\\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g\",\"caption\":\"TH Author\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/","og_locale":"en_US","og_type":"article","og_title":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2024-11-25T00:00:00+00:00","og_image":[{"url":"https:\/\/trendmicro.scene7.com\/is\/image\/trendmicro\/EarthEstries-thumbnail:Large?qlt=80","type":"","width":"","height":""}],"author":"TH Author","twitter_card":"summary_large_image","twitter_creator":"@threatshub","twitter_site":"@threatshub","twitter_misc":{"Written by":"TH Author","Est. reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/"},"author":{"name":"TH Author","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476"},"headline":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions","datePublished":"2024-11-25T00:00:00+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/"},"wordCount":654,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/11\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg","keywords":["Trend Micro Research : APT&amp;Targeted Attacks","Trend Micro Research : Latest News","Trend Micro Research : Research"],"articleSection":["TrendMicro"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/","url":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/","name":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/11\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg","datePublished":"2024-11-25T00:00:00+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/11\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2024\/11\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions.jpg","width":976,"height":533},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/game-of-emperor-unveiling-long-term-earth-estries-cyber-intrusions\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Trend Micro Research : APT&amp;Targeted Attacks","item":"https:\/\/www.threatshub.org\/blog\/tag\/trend-micro-research-apttargeted-attacks\/"},{"@type":"ListItem","position":3,"name":"Game of Emperor: Unveiling Long Term Earth Estries Cyber Intrusions"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/12e0a8671ff89a863584f193e7062476","name":"TH Author","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","url":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/066276f086d5155df79c850206a779ad368418a844da0182ce43f9cd5b506c3d?s=96&d=mm&r=g","caption":"TH Author"}}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57748","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=57748"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/57748\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/57749"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=57748"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=57748"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=57748"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}