Cuckoo Spear – the latest Nation-state Threat Actor targeting Japanese companies
ID: 72443c32-713f-5512-9808-6299ba972627
STIX ID: report--72443c32-713f-5512-9808-6299ba972627
Feed Name: Cybereason Blog
Cybereason's Threat Analysis 'Cuckoo Spear' attributes a long-running espionage campaign to APT10. The campaign deploys LODEINFO and a newer modular backdoor, NOOPDOOR (loaded by NOOPLDR), with DGA-based C2. The report documents spear-phishing and vulnerability exploitation for initial access; persistence via scheduled tasks, WMI consumer events and malicious service DLLs; multi-year dwell time; and data exfiltration from critical infrastructure and academic targets. It also provides IOCs and hunting queries for detection and remediation.
