Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor

Foreign affairs ministries in the Americas have been targeted by a Chinese state-sponsored actor named Flea as part of a recent campaign that spanned from late 2022 to early 2023. The cyber attacks, per Broadcom's Symantec, involved a new backdoor codenamed Graphican. Some of the other targets...

APT15 enhanced its arsenal with an updated variant of the Turian backdoor

Threat Level Attack Report For a detailed threat advisory, download the pdf file here Summary APT15 has modified its toolkit to include new variants of the Turian backdoor, as well as new command and control infrastructure. The malware contains VMProtect, which obfuscates all API calls within the...

Iranian Government Entities Under Attack by New Wave of BackdoorDiplomacy Attacks

The threat actor known as BackdoorDiplomacy has been linked to a new wave of attacks targeting Iranian government entities between July and late December 2022. Palo Alto Networks Unit 42, which is tracking the activity under its constellation-themed moniker Playful Taurus, said it observed the...

Microsoft Seizes 42 Malicious Web Domains Used By Chinese Hackers

Microsoft on Monday announced the seizure of 42 domains used by a China-based cyber espionage group that set its sights on organizations in the U.S. and 28 other countries pursuant to a legal warrant issued by a federal court in the U.S. state of Virginia. The Redmond company attributed the...

NICKEL targeting government organizations across Latin America and Europe

The Microsoft Threat Intelligence Center MSTIC has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations NGOs across Central and South America, the Caribbean, Europe, and North America. MSTIC has been tracking NICKEL since 2016...

NICKEL targeting government organizations across Latin America and Europe

The Microsoft Threat Intelligence Center MSTIC has observed NICKEL, a China-based threat actor, targeting governments, diplomatic entities, and non-governmental organizations NGOs across Central and South America, the Caribbean, Europe, and North America. MSTIC has been tracking NICKEL since 2016...

Ke3chang APT Linked to Previously Undocumented Backdoor

The Ke3chang cyberespionage group, a.k.a. APT15, Mirage, Playful Dragon or Vixen Panda, has been tied to a backdoor called Okrum that has been used to target diplomatic missions throughout Europe and Latin America. The attribution widens the scope of known Ke3chang activity, an APT believed to be...

APT15 Pokes Its Head Out With Upgraded MirageFox RAT

The elusive APT15 cyber-espionage group, believed to be affiliated with the Chinese government, has been spotted for the first time in many months, mounting a highly targeted spy campaign using an upgraded version of the Mirage remote access trojan. This is the first evidence of the China-linked...

APT15 Hackers Hit UK Govt Contractor to Steal Military Technology Secrets

By Waqas The APT15 hacking group has always been associated with Chinese This is a post from HackRead.com Read the original post: APT15 Hackers Hit UK Govt Contractor to Steal Military Technology Secrets...

China-Linked APT15 Used Myriad of New Tools To Hack UK Government Contractor

CANCUN, Mexico – Researchers at NCC Group have discovered multiple backdoors on a UK government contractor’s computer systems designed to steal sensitive government and military data. The hack is tied to China-linked cyber espionage group APT15, which researchers said is utilizing many new tools ...