| ID | Votes | Profile Description |
|---|---|---|
| Ketrican | 2 | Ketrican is a type of malware, or malicious software, that was developed to exploit and damage computer systems. It's associated with the Ke3chang group and is known for its ability to infiltrate systems through suspicious downloads, emails, or websites. Once inside a system, Ketrican can steal pers |
| Bad Magic | 1 | Bad Magic, a malicious software (malware), was first reported by Kaspersky in March 2023. The malware is associated with a hacker group known as 'Bad Magic' or 'Red Stinger', which targets companies involved in the Russo-Ukrainian conflict. The group's modus operandi involves the use of a backdoor c |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| BS2005 | Unspecified | 2 | BS2005 is a malicious software (malware) traditionally used by a cybercriminal group for harmful activities. The malware infiltrates systems via suspicious downloads, emails, or websites and can steal personal information, disrupt operations, or hold data hostage for ransom. BS2005, known as a backd |
| Okrum | Unspecified | 1 | Okrum is a malware that belongs to the Ke3chang Group's arsenal of malicious tools. It is a sophisticated program designed to infiltrate computer systems and carry out harmful activities. Okrum has been identified as an evolution of the Flea backdoor named Ketrican, combining features from both Ketr |
| Taurus | Unspecified | 1 | Taurus is a malicious software (malware) that has been associated with multiple cyber threat actors, notably Stately Taurus, Iron Taurus, and Starchy Taurus, all of which have connections to Chinese Advanced Persistent Threats (APTs). The malware is designed to infiltrate systems and steal personal |
| Godzilla | Unspecified | 1 | Godzilla is a potent malware that allows attackers to remotely control compromised servers, execute arbitrary commands, upload and download files, manipulate databases, and perform other malicious activities. The malware was linked to a group known as Ethereal Panda by CrowdStrike due to their simil |
| China Chopper | Unspecified | 1 | China Chopper is a notorious malware that has been widely used by various Advanced Persistent Threat (APT) groups, notably BRONZE UNION. This web shell was found embedded in multiple web shells on SharePoint servers, such as stylecs.aspx, test.aspx, and stylecss.aspx. It is believed to be associated |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
| APT15 | Unspecified | 2 | APT15, also known as Vixen Panda, Nickel, Flea, KE3CHANG, Royal APT, and Playful Dragon, is a threat actor group suspected to be of Chinese origin. The group targets global sectors including trade, economic and financial, energy, and military, aligning with the interests of the Chinese government. I |
| Flea | Unspecified | 1 | Flea, also known as APT15 or Nickel, is a China-linked threat actor primarily targeting foreign affairs ministries in Central and South American countries. The group's latest campaign utilizes a novel backdoor named "Graphican," which is an evolution of their custom backdoor Ketrican. This new backd |
| NICKEL | Unspecified | 1 | Nickel is a notable threat actor, or malicious entity, that has been involved in significant cyber operations. Notably, Nickel targeted government organizations across Latin America and Europe, alongside other nation-state affiliated threat actors such as FIN6 and Emissary Panda. These groups focuse |
| APT28 | Unspecified | 1 | APT28, also known as Fancy Bear, is a threat actor linked to Russia and has been involved in numerous cyber espionage campaigns. The group is notorious for its sophisticated tactics, techniques, and procedures (TTPs). Recently, NATO and the EU formally condemned APT28's activities, acknowledging the |
| GALLIUM | Unspecified | 1 | Gallium, also known as Alloy Taurus, is a China-aligned threat actor known for executing actions with malicious intent in the cyber domain. In recent years, Gallium has been associated with various significant cyber-espionage campaigns. The group targeted telecommunication entities in the Middle Eas |
| Sword2033 | Unspecified | 1 | Sword2033 is a new and previously undocumented backdoor tool used by the China-linked threat actor known as Alloy Taurus. This group, also referred to as GALLIUM or Softcell, has been actively targeting Linux systems with a variant of the PingPull backdoor, while also deploying Sword2033 in their op |
| Ke3chang | Unspecified | 1 | Ke3chang, also known as APT15, Mirage, Vixen Panda GREF, and Playful Dragon, is a prominent threat actor that has been active since at least 2010. According to the European Union Agency for Cybersecurity (ENISA), this group has consistently targeted energy, government, and military sectors. Ke3chang |
| ID | Type | Votes | Profile Description |
|---|---|---|---|
No associations to display |
| Source | CreatedAt | Title |
|---|---|---|
| CERT-EU | 10 months ago | My Tea's not cold : an overview of China's cyber threat – Global Security Mag Online |
| CERT-EU | a year ago | ‘Earth Estries’ Cyberespionage Group Targets Government, Tech Sectors |
| CERT-EU | a year ago | Industrial Organizations in Eastern Europe Targeted by Chinese Cyberspies |
| CERT-EU | a year ago | Novel Graphican backdoor leveraged in Chinese APT attacks against foreign ministries |
| CERT-EU | a year ago | Les dernières cyberattaques détectées | 27 juin 2023 |
| CERT-EU | a year ago | Cyber security week in review: June 23, 2023 |
| CERT-EU | a year ago | China-Linked APT15 Targets Foreign Ministries With ‘Graphican’ Backdoor |
| CERT-EU | a year ago | China-sponsored APT group targets government ministries in the Americas |
| DARKReading | a year ago | 20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks |
| CERT-EU | a year ago | Chinese Hackers APT15 Use New Backdoor Malware to Target American Ministries |
| CERT-EU | a year ago | Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor |
| CERT-EU | a year ago | Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor – GIXtools |
| CERT-EU | a year ago | Flea APT’s latest campaign targets foreign affairs ministries with new Graphican backdoor |