Earth Kasha

Earth Kasha is a China-linked threat actor active since 2019, primarily targeting organizations in Japan, Taiwan, and India. Known for using malware like LODEINFO and NOOPDOOR, the group exploits public-facing vulnerabilities, to infiltrate networks. Earth Kasha focuses on credential theft, data exfiltration, and targeting sectors such as government, technology, and academia, often demonstrating ties to the broader APT10 umbrella.