"I'm concerned about what they are leaving behind: What type of C2 on a sleep cycle is still lingering in these environments?" Tom Kellermann asked, framing the immediate worry after TrendAI's investigation into a novel China-linked espionage campaign.
TrendAI on Shadow‑Earth‑053 and Shadow‑Earth‑054
TrendAI researchers, speaking exclusively to The Register, describe a previously unreported China-linked threat group they track as Shadow‑Earth‑053 that began compromising networks in December 2024 and whose activity was observed as recently as April 2026. The intrusions affected more than a dozen critical networks across Poland and multiple Asian countries. About half of the victims were also compromised by a related actor TrendAI calls Shadow‑Earth‑054, which exploited the same vulnerabilities, used identical tool hashes and overlapping techniques, and showed network overlaps with crews tracked as CL‑STA‑0049 by Palo Alto Networks' Unit 42, REF7707 by Elastic Security Labs, and Earth Alux.
Tools and malware: ShadowPad, Godzilla, NoodleRat, RingQ
After initial access, TrendAI observed the intruders installing web shells — commonly the Godzilla web shell — and deploying ShadowPad, a custom backdoor the report ties to China's APT41 and notes has been used for almost a decade and shared among China‑aligned groups since 2019. In at least one intrusion the attackers delivered ShadowPad via the remote desktop tool AnyDesk, which TrendAI says suggests use of either a prior compromise or stolen credentials.
In other cases responders found Linux NoodleRat backdoors deployed after exploitation of other flaws. TrendAI also detected RingQ — an open‑source Chinese packing tool available on GitHub used to evade detection — and noted the intruders sometimes renamed legitimate Windows binaries to avoid process‑based detection. The actors also used administrative tools for lateral movement, including Windows Management Instrumentation Command‑line (WMIC), and credential‑harvesting utilities such as Evil‑CreateDump.
Vulnerabilities exploited: ProxyLogon (CVE‑2021‑26855) and React2Shell (CVE‑2025‑55182)
TrendAI reports Shadow‑Earth‑053 typically gained initial access by exploiting external services, notably chaining Microsoft Exchange Server bugs that include ProxyLogon (CVE‑2021‑26855) with CVE‑2021‑26857, CVE‑2021‑26858, and CVE‑2021‑27065 to achieve remote code execution. In at least one intrusion the group exploited React2Shell (CVE‑2025‑55182), a critical flaw in React Server Components, to run arbitrary code on vulnerable servers. The report stresses these old Exchange vulnerabilities remain a persistent vector in the observed intrusions.
Geography and targets: Poland and seven Asian countries
TrendAI lists observed targets across at least eight countries. Most targets were located in Pakistan, Thailand, Malaysia, India, Myanmar, Sri Lanka, and Taiwan; at least one victim was a defense‑sector organization in Poland. The intrusions principally hit government agencies, defense contractors, technology firms, and the transportation industry, according to the report.
What this means for technologists, defense ministries, and summit policymakers
- Technologists and security teams: TrendAI's findings emphasize repeated exploitation of known Exchange Server vulnerabilities and the use of web shells, ShadowPad, and packing tools such as RingQ. Detection teams will need to hunt for web shells, anomalous AnyDesk and administrative tool usage, renamed system binaries, and indicators tied to ShadowPad and NoodleRat.
- Defense ministries and defense contractors: TrendAI connects Shadow‑Earth‑053 activity to reconnaissance against defense industries and ministries aligned with the United States and supportive of Taiwan's independence, describing the campaign as "island‑hopping through the defense sectors and ministries" and warning of potential prepositioning for sabotage.
- Policymakers and summit participants: Tom Kellermann noted the campaign's timing in the run‑up to the May 14–15 summit between the president and President Xi, and raised concern that the intruders may have maintained latent command‑and‑control ("C2 on a sleep cycle") or prepositioned destructive capabilities should geopolitical tensions escalate.
TrendAI's exclusive reporting frames a persistent, multi‑vector espionage effort that combines legacy server exploits with familiar Chinese‑linked tooling and an operational pattern reminiscent, in Kellermann's words, of earlier "Typhoon" campaigns. Whether the most dangerous artifacts are already in place — dormant C2 channels, erased trails, or staged destructive tools — is the question the report leaves front and center for defenders and officials alike.




