Security News > 2023 > June > Chinese APT15 hackers resurface with new Graphican malware

The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023.
APT15, also known as Nickel, Flea, Ke3Chang, and Vixen Panda, are Chinese state hackers targeting important public and private organizations worldwide since at least 2004.
The researchers report that the new Graphican backdoor is an evolution of an older malware used by the hackers rather than a tool created from scratch.
EWSTEW - Custom APT15 backdoor extracting emails from infected Microsoft Exchange servers.
Web shells - AntSword, Behinder, China Chopper, Godzilla, giving the hackers backdoor access to the breached systems.
In conclusion, the recent activity of APT15 and the refresh of its custom backdoor shows that the Chinese hacking group remains a menace to organizations worldwide, improving its tools and working on making its operations stealthier.
News URL
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- Chinese Hackers Target Linux Systems Using SNOWLIGHT Malware and VShell Tool (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- US charges Chinese hackers linked to critical infrastructure breaches (source)
- Chinese Hackers Breach Juniper Networks Routers With Custom Backdoors and Rootkits (source)
- Chinese Weaver Ant hackers spied on telco network for 4 years (source)
- Hackers Use .NET MAUI to Target Indian and Chinese Users with Fake Banking, Social Apps (source)
- Chinese Hackers Breach Asian Telecom, Remain Undetected for Over 4 Years (source)
- North Korean Hackers Deploy BeaverTail Malware via 11 Malicious npm Packages (source)
- State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns (source)