Security News > 2023 > June > Chinese APT15 hackers resurface with new Graphican malware
The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023.
APT15, also known as Nickel, Flea, Ke3Chang, and Vixen Panda, are Chinese state hackers targeting important public and private organizations worldwide since at least 2004.
The researchers report that the new Graphican backdoor is an evolution of an older malware used by the hackers rather than a tool created from scratch.
EWSTEW - Custom APT15 backdoor extracting emails from infected Microsoft Exchange servers.
Web shells - AntSword, Behinder, China Chopper, Godzilla, giving the hackers backdoor access to the breached systems.
In conclusion, the recent activity of APT15 and the refresh of its custom backdoor shows that the Chinese hacking group remains a menace to organizations worldwide, improving its tools and working on making its operations stealthier.
News URL
Related news
- Chinese hackers target Linux with new WolfsBane malware (source)
- FIN7 hackers launch deepfake nude “generator” sites to spread malware (source)
- N. Korean Hackers Use Fake Interviews to Infect Developers with Cross-Platform Malware (source)
- Chinese Nation-State Hackers APT41 Hit Gambling Sector for Financial Gain (source)
- US says Chinese hackers breached multiple telecom providers (source)
- Chinese Hackers Use CloudScout Toolset to Steal Session Cookies from Cloud Services (source)
- Microsoft: Chinese hackers use Quad7 botnet to steal credentials (source)
- Sophos reveals 5-year battle with Chinese hackers attacking network devices (source)
- Sophos Versus the Chinese Hackers (source)
- FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions (source)