Common Information
| Type | Value |
|---|---|
| Value |
Earth Wendigo |
| Category | Actor |
| Type | Threat-Actor |
| Misp Type | Cluster |
| Description | Earth Wendigo is a threat actor from China that has been targeting several organizations — including government organizations, research institutions, and universities in Taiwan — since May 2019, aiming to exfiltrate emails from targeted organizations via the injection of JavaScript backdoors to a webmail system that is widely used in Taiwan. The threat actor also sent spear-phishing emails embedded with malicious links to multiple individuals, including politicians and activists, who support movements in Tibet, the Uyghur region, or Hong Kong. |