APT15 Archives - Security Affairs

Pierluigi Paganini December 07, 2021

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Microsoft seized dozens of malicious domains used by the China-linked APT15 group to target organizations worldwide. Microsoft announced to have obtained a court warrant that allowed it to seize 42 domains used by a China-linked APT15 group (aka Nickel, Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) in recent operations that targeted organizations in the US and 28 other countries. […]

Pierluigi Paganini May 28, 2020

Ke3chang hacking group adds new Ketrum malware to its arsenal

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. The Ke3chang hacking group (aka APT15, Vixen Panda, Playful Dragon, and Royal APT) has developed new malware dubbed Ketrum by borrowing parts of the source code and features from their older Ketrican and […]

Pierluigi Paganini July 24, 2019

China-Linked APT15 group is using a previously undocumented backdoor

ESET researchers reported that China-linked cyberespionage group APT15 has been using a previously undocumented backdoor for more than two years. Security researchers at ESET reported that China-linked threat actor APT15 (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has been using a previously undocumented backdoor for more than two years. APT15 has been active […]

Pierluigi Paganini June 18, 2018

China-Linked APT15 is still very active, experts found its new malware tracked as ‘MirageFox’

Following the recent hack of a US Navy contractor security experts found evidence of very recent activity by the China-linked APT group tracked as APT15. The China-linked APT15 group (aka Ke3chang, Mirage, Vixen Panda, Royal APT and Playful Dragon) has developed a new strain of malware borrowing the code from one of the tool he used in past […]

Pierluigi Paganini March 12, 2018

China-Linked APT15 used new backdoors in attack against UK Government’s service provider

China-Linked APT15 used new backdoors is an attack that is likely part of a wider operation aimed at contractors at various UK government departments and military organizations. Last week Ahmed Zaki, a senior malware researcher at NCC Group, presented at the Kaspersky’s Security Analyst Summit (SAS), details of a malware-based attack against the service provider for the […]

APT15

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Ke3chang hacking group adds new Ketrum malware to its arsenal

China-Linked APT15 group is using a previously undocumented backdoor

China-Linked APT15 is still very active, experts found its new malware tracked as ‘MirageFox’

China-Linked APT15 used new backdoors in attack against UK Government’s service provider

newsletter

Subscribe to my email list and stay
up-to-date!

recent articles

CitrixBleed 2: The nightmare that echoes the 'CitrixBleed' flaw in Citrix NetScaler devices

Hackers deploy fake SonicWall VPN App to steal corporate credentials

Mainline Health Systems data breach impacted over 100,000 individuals

Disrupting the operations of cryptocurrency mining botnets

Prometei botnet activity has surged since March 2025

QUICK LINKS

APT15

newsletter

Subscribe to my email list and stay up-to-date!

recent articles

Subscribe to my email list and stay
up-to-date!