SYMBOL | COMMON_NAME | aka. SYNONYMS |
This threat actor uses phishing techniques to compromise the networks of foreign ministries of European countries for espionage purposes.
2023-06-21 ⋅ Symantec ⋅ Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries Graphican |
2022-08-04 ⋅ Mandiant ⋅ Advanced Persistent Threats (APTs) APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon |
2022-04-28 ⋅ PWC ⋅ Cyber Threats 2021: A Year in Retrospect BPFDoor APT15 APT31 APT41 APT9 BlackTech BRONZE EDGEWOOD DAGGER PANDA Earth Lusca HAFNIUM HAZY TIGER Inception Framework LOTUS PANDA QUILTED TIGER RedAlpha Red Dev 17 Red Menshen Red Nue VICEROY TIGER |
2021-10-07 ⋅ Microsoft ⋅ Microsoft Digital Defense Report - October 2021 APT15 APT31 APT40 APT5 Earth Lusca HAFNIUM |
2020 ⋅ Secureworks ⋅ BRONZE PALACE BS2005 Enfal Mirage RoyalCli Royal DNS APT15 |
2019-10-16 ⋅ APT15 Mirage MirageFox APT15 |
2019 ⋅ MITRE ⋅ Group description: Ke3chang APT15 |
2019 ⋅ Council on Foreign Relations ⋅ Mirage APT15 |
2018-03-16 ⋅ Github (nccgroup) ⋅ Royal APT - APT15 Repository BS2005 MS Exchange Tool RoyalCli Royal DNS APT15 |
2018-03-10 ⋅ NCC Group ⋅ APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS BS2005 MS Exchange Tool RoyalCli Royal DNS APT15 |
2016-05-22 ⋅ Palo Alto Networks Unit 42 ⋅ Operation Ke3chang Resurfaces With New TidePool Malware APT15 |
2015-04-15 ⋅ Ars Technica ⋅ Elite cyber crime group strikes back after attack by rival APT gang APT15 |
2014-09-04 ⋅ FireEye ⋅ Forced to Adapt: XSLCmd Backdoor Now on OS X XSLCmd APT15 |
2014-08-13 ⋅ FireEye ⋅ Operation Saffron Rose APT15 |
2013-12-12 ⋅ FireEye Inc ⋅ OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs Tidepool APT15 |