Attribute | Value |
---|---|
Name | Flea |
Aliases | APT15, Backdoor Diplomacy, ke3chang, Nylon Typhoon (formerly Nickel), Playful Taurus, Royal APT, Vixen Panda |
Type | Malware |
Country of Origin | China |
State Sponsored | [ ] Unknown [ ] Unconfirmed [x] Confirmed |
Active Since | 2004 |
Discovered by | Symantec |
Target Countries | Americas |
Target Organizations | Various ministries of foreign affairs |
Organization Size | |
First discovered | |
Tools | Graphican is said to be an evolution of a known Flea backdoor called Ketrican, features of which have since been merged with another implant known as Okrum to spawn a new malware dubbed Ketrum. Graphican, despite having the same functionality, stands apart from Ketrican by using the Microsoft Graph API and OneDrive to obtain the details of its command-and-control (C&C) server. |
Tactic | Gain persistent access to its target networks |
Technique | Backdoor |
Procedures | Backdoor.Graphican, a third-generation backdoor |
Organizations Attacked | Foreign affairs ministries |