BackdoorDiplomacy

Threat Actor updated 4 months ago (2024-06-05T15:17:30.504Z)
Download STIX
Preview STIX
BackdoorDiplomacy, also known as Playful Taurus, APT15, Vixen Panda, KeChang, and NICKEL, is a threat actor group associated with Chinese cyber espionage campaigns. This group has been particularly active in Africa, targeting high-priority organizations in telecommunications, finance, and government sectors, especially in South Africa, Kenya, Senegal, and Ethiopia. Their activities have been linked to China's strategic ambitions in shaping policies and narratives that align with its geopolitical objectives, thus playing a significant role in Africa's digital evolution. The group's activities have been tracked under various names, including BackdoorDiplomacy, Cluster Alpha, and TA428, reflecting the complex and evolving nature of their operations. They have demonstrated a capacity for upgrading their tools, as evidenced by their shift from Quarian to Turian. They are also known for conducting new attacks against telecommunication, finance, and government entities, which have been attributed to both the BackdoorDiplomacy APT and the group behind Operation Tainted Love. These groups' activities have been detailed in multiple reports, including those by ESET, Bitdefender, and SentinelOne, highlighting their sustained strategic intrusions in Africa. The disclosure of these activities coincided with a parallel report detailing similar tactics used by other China-linked APT groups, including Earth Estries and Operation Tainted Love. These findings underscore the persistent and pervasive threat posed by these actors to global cybersecurity.
Description last updated: 2024-06-05T15:15:38.618Z
What's your take? (Question 1 of 1)
Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.
Aliases We are not currently tracking any aliases
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Apt
Espionage
Analyst Notes & Discussion
Be the first to leave your mark here! Log in to share your views and vote.
Source Document References
Information about the BackdoorDiplomacy Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more