Since early 2022, we have been monitoring an APT campaign targeting several government entities worldwide, with a strong focus in Southeast Asia, but we have also seen targets in Europe, America, or Africa. Our research allowed us to identify multiple connections with China-nexus threat actors Earth Lusca and Luoyu. Despite this campaign still has an independent infrastructure and employed unique backdoors. We managed to retrieve multiple files from the threat actor's servers, including samples, configuration files and log files from their attack tools. By combining this data with our telemetry, we have gained a better understanding of their operation and build a clear view of Earth Krahang’s victimology and interests. In this presentation, we are going to disclose the details of their latest operations.