Security News > 2023 > June > Chinese APT15 hackers resurface with new Graphican malware

The Chinese state-sponsored hacking group tracked as APT15 has been observed using a novel backdoor named 'Graphican' in a new campaign between late 2022 and early 2023.
APT15, also known as Nickel, Flea, Ke3Chang, and Vixen Panda, are Chinese state hackers targeting important public and private organizations worldwide since at least 2004.
The researchers report that the new Graphican backdoor is an evolution of an older malware used by the hackers rather than a tool created from scratch.
EWSTEW - Custom APT15 backdoor extracting emails from infected Microsoft Exchange servers.
Web shells - AntSword, Behinder, China Chopper, Godzilla, giving the hackers backdoor access to the breached systems.
In conclusion, the recent activity of APT15 and the refresh of its custom backdoor shows that the Chinese hacking group remains a menace to organizations worldwide, improving its tools and working on making its operations stealthier.
News URL
Related news
- Chinese hackers use custom malware to spy on US telecom networks (source)
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- North Korean hackers spotted using ClickFix tactic to deliver malware (source)
- Chinese hackers breach more US telecoms via unpatched Cisco routers (source)
- Chinese Hackers Exploit MAVInject.exe to Evade Detection in Targeted Cyber Attacks (source)
- Chinese hackers abuse Microsoft APP-v tool to evade antivirus (source)
- North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)
- Belgium probes if Chinese hackers breached its intelligence service (source)