Earth Lusca is a threat actor attributed to CN, also known as Chromium, TAG-22, Bronze University. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does Earth Lusca exploit?

Earth Lusca is known to exploit 5 CVEs. View the full list on the Strobes VI threat actor profile page.

Earth Lusca

Also known as: Chromium, TAG-22, Bronze University, Charcoal Typhoon, Red Scylla, ControlX, RedHotel, CHROMIUM, BRONZE UNIVERSITY, i-Soon, RedAlpha, AQUATIC PANDA, Red Scully, FISHMONGER, BountyGlad, Red Dev 10, Hassium, G1006, G0143

CNInformation theft and espionage , Financial gain

Exploited CVEs

Overview

Earth Lusca is a threat actor from China that targets organizations of interest to the Chinese government, including academic institutions, telecommunication companies, religious organizations, and other civil society groups. Earth Lusca's tools closely resemble those used by Winnti Umbrella, but the group appears to operate separately from Winnti. Earth Lusca has also been observed targeting cryptocurrency payment platforms and cryptocurrency exchanges in what are likely financially motivated attacks.

Exploited Vulnerabilities

CVE ID	Action
CVE-2016-6662	View Details
CVE-2017-0199	View Details
CVE-2020-1472	View Details
CVE-2017-0176	View Details
CVE-2014-7169	View Details

Activity Timeline

First Seen

January 1, 2019

Quick Actions

Earth Lusca

Ready for Agentic Automated Testing?

Earth Lusca