| Attribute | Value |
|---|---|
| Name | Flea |
| Aliases | APT15 Backdoor Diplomacy ke3chang Nylon Typhoon (formerly Nickel) Playful Taurus Royal APT Vixen Panda |
| Type | Malware |
| Country of Origin | China |
| State Sponsored | []Unknown [] Unconfirmed [x] Confirmed |
| Active Since | 2004 |
| Discovered by | Symantec |
| Target Countries | Americas |
| Target Organizations | Various ministries of foreign affairs |
| Organization Size | |
| First discovered | |
| Tools | Graphican is said to be an evolution of a known Flea backdoor called Ketrican, features from which have since been merged with another implant known as Okrum to spawn a new malware dubbed Ketrum. The backdoor, despite having the same functionality, stands apart from Ketrican for making use of Microsoft Graph API and OneDrive to obtain the details of command-and-control (C&C) server. |
| Tactic | Gain persistent access to its target networks |
| Technique | Backdoor |
| Procedures | backdoor.Graphican, a third generation backdoor |
| Organizations Attacked | Foreign affairs ministries |
Security Privacy Risk
Your Trusted Cyber Security Advisor!