Playful Dragon

Threat Actor updated 7 months ago (2024-05-04T17:57:46.635Z)

Download STIX

Preview STIX

Playful Dragon, also known as APT15, Ke3chang, Mirage, Vixen Panda, GREF, Flea, Nickel, and Royal APT, is a notable threat actor in the cybersecurity sphere. This group has been identified by cybersecurity professionals as being behind numerous malicious activities with a history of targeting government entities, diplomatic missions, and embassies. Their actions are believed to be primarily focused on intelligence gathering, posing significant risks to national security and sensitive information. In recent years, Playful Dragon's activities have broadened to include attacks against diplomatic organizations, government organizations, and non-governmental organizations (NGOs). Their modus operandi involves the use of sophisticated backdoor exploits for unauthorized access and control over targeted systems. Symantec researchers detailed these activities in a blog post on June 21, highlighting the group's evolving tactics and persistent threat. Last June, an incident involving a new exploit named Backdoor.Graphican was reported. This backdoor was used by Playful Dragon against foreign affairs ministries in the Americas, marking a resurgence of the group's activities. The attack underscores the ongoing threat posed by this group, emphasizing the need for increased vigilance and robust cybersecurity measures among potential target organizations.

Description last updated: 2024-05-02T13:16:46.869Z

What's your take? (Question 1 of 1)

Help tune the shared Cybergeist dataset, assist your peers, and earn karma. Expand the panel to get started.

Possible Aliases / Cluster overlaps

It's hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names / profiles you also may want to look at. Create a free account to see the source evidence for each alias, and help fix any errors.

Alias Description	Votes
APT15 is a possible alias for Playful Dragon. APT15, also known as Vixen Panda, Nickel, Flea, KE3CHANG, Royal APT, and Playful Dragon, is a threat actor group suspected to be of Chinese origin. The group targets global sectors including trade, economic and financial, energy, and military, aligning with the interests of the Chinese government. I	2

Miscellaneous Associations

Other elements of context that could aid in the identification of relevance

Apt

Analyst Notes & Discussion

Be the first to leave your mark here! Log in to share your views and vote.

Source Document References

Information about the Playful Dragon Threat Actor was read from the documents corpus below. This display is limited to 20 results, create a free account to see more

Source Link	CreatedAt	Title
DARKReading	7 months ago	Microsoft Graph API Emerges as a Top Attacker Tool to Plot Data Theft
DARKReading	a year ago	20-Year-Old Chinese APT15 Finds New Life in Foreign Ministry Attacks
MITRE	2 years ago	MirageFox: APT15 Resurfaces With New Tools Based On Old Ones - Intezer
MITRE	2 years ago	APT15 is Alive and Strong: An Analysis of RoyalCli and RoyalDNS