Earth Kurma is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Earth Kurma exploit?

Specific CVE exploitation data for Earth Kurma is being tracked. Check the Strobes VI threat actor profile for updates.

Earth Kurma

Exploited CVEs

Overview

Earth Kurma is an APT group targeting government and telecommunications sectors in Southeast Asia, with a primary focus on data exfiltration. They employ advanced custom malware, including rootkits like KRNRAT and MORIYA, and utilize cloud storage services for exfiltration. Their toolsets include TESDAT and SIMPOBOXSPY, and they demonstrate adaptive TTPs and complex evasion techniques. Attribution overlaps with other APT groups, but distinct attack patterns warrant their separate designation.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database