Earth YakoEarth Yako

Also known as: Operation RestyLink · Enelink · Earth Yako

Known aliases
3

Profile

Earth Yako is a threat actor that has been actively targeting researchers in academic organizations and think tanks in Japan. They use spearphishing emails with malicious attachments to gain initial access to their targets' systems. Earth Yako's objectives and patterns suggest a possible connection to a Chinese APT group, but conclusive proof of their nationality is lacking. They have been observed using various malware delivery methods and techniques, such as the use of Winword.exe for DLL Hijacking.

Aliases· 3

Operation RestyLinkEnelinkEarth Yako

References

  1. https://www.trendmicro.com/en_us/research/23/b/invitation-to-secret-event-uncovering-earth-yako-campaigns.html

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

Actor
Earth Wendigo
Actor
Earth Naga
Actor
Earth Krahang
Actor
Earth Kitsune
Actor
Earth Alux
Actor
Earth Kapre
Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.