Security News > 2023 > June > Chinese APT15 hackers resurface with new Graphican malware
The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023.
APT15, also known as Nickel, Flea, Ke3Chang, and Vixen Panda, are Chinese state hackers targeting important public and private organizations worldwide since at least 2004.
The researchers report that the new Graphican backdoor is an evolution of an older malware used by the hackers rather than a tool created from scratch.
EWSTEW - Custom APT15 backdoor extracting emails from infected Microsoft Exchange servers.
Web shells - AntSword, Behinder, China Chopper, Godzilla, giving the hackers backdoor access to the breached systems.
In conclusion, the recent activity of APT15 and the refresh of its custom backdoor shows that the Chinese hacking group remains a menace to organizations worldwide, improving its tools and working on making its operations stealthier.
News URL
Related news
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Chinese hackers targeted sanctions office in Treasury attack (source)
- US sanctions Chinese company linked to Flax Typhoon hackers (source)
- Chinese hackers also breached Charter and Windstream networks (source)
- US Treasury hack linked to Silk Typhoon Chinese state hackers (source)
- Russia-Linked Hackers Target Kazakhstan in Espionage Campaign with HATVIBE Malware (source)
- FBI wipes Chinese PlugX malware from over 4,000 US computers (source)
- FBI deletes Chinese PlugX malware from thousands of US computers (source)
- FBI wipes Chinese PlugX malware from thousands of Windows PCs in America (source)
- Hackers Hide Malware in Images to Deploy VIP Keylogger and 0bj3ctivity Stealer (source)