Chinese Hackers Exploit GeoServer Flaw to Target APAC Nations with EAGLEDOOR Malware

Chinese threat actor, Earth Baxia, is suspected of targeting government and energy sectors in numerous APAC countries using GeoServer exploitation, spear-phishing, and customized malware. Through public cloud services and multi-protocol support, the complex operations conduct data infiltration and exfiltration. Trend Micro detected this intrusion activity in July 2024.