SYMBOLCOMMON_NAMEaka. SYNONYMS

APT15  (Back to overview)

aka: BRONZE DAVENPORT, BRONZE IDLEWOOD, BRONZE PALACE, G0004, Ke3Chang, Lurid, Metushy, NICKEL, Nylon Typhoon, Playful Dragon, Red Vulture, Royal APT, Social Network Team, VIXEN PANDA

This threat actor uses phishing techniques to compromise the networks of foreign ministries of European countries for espionage purposes.


Associated Families
win.graphican

References
2023-06-21SymantecThreat Hunter Team
Graphican: Flea Uses New Backdoor in Attacks Targeting Foreign Ministries
Graphican
2022-08-04MandiantMandiant
Advanced Persistent Threats (APTs)
APT1 APT10 APT12 APT14 APT15 APT16 APT17 APT18 APT19 APT2 APT20 APT21 APT22 APT23 APT24 APT27 APT3 APT30 APT31 APT4 APT40 APT5 APT9 Naikon
2022-04-28PWCPWC UK
Cyber Threats 2021: A Year in Retrospect
BPFDoor APT15 APT31 APT41 APT9 BlackTech BRONZE EDGEWOOD DAGGER PANDA Earth Lusca HAFNIUM HAZY TIGER Inception Framework LOTUS PANDA QUILTED TIGER RedAlpha Red Dev 17 Red Menshen Red Nue VICEROY TIGER
2021-10-07MicrosoftMicrosoft
Microsoft Digital Defense Report - October 2021
APT15 APT31 APT40 APT5 Earth Lusca HAFNIUM
2020-01-01SecureworksSecureWorks
BRONZE PALACE
BS2005 Enfal Mirage RoyalCli Royal DNS APT15
2019-10-16Jay Rosenberg
APT15
Mirage MirageFox APT15
2019-01-01MITREMITRE ATT&CK
Group description: Ke3chang
APT15
2019-01-01Council on Foreign RelationsCyber Operations Tracker
Mirage
APT15
2018-03-16Github (nccgroup)NCC Group PLC
Royal APT - APT15 Repository
BS2005 MS Exchange Tool RoyalCli Royal DNS APT15
2018-03-10NCC GroupRob Smallridge
APT15 is alive and strong: An analysis of RoyalCli and RoyalDNS
BS2005 MS Exchange Tool RoyalCli Royal DNS APT15
2016-05-22Palo Alto Networks Unit 42Brandon Levene, Jen Miller-Osborn, Micah Yates, Mike Scott, Tom Keigher
Operation Ke3chang Resurfaces With New TidePool Malware
APT15
2015-04-15Ars TechnicaDan Goodin
Elite cyber crime group strikes back after attack by rival APT gang
APT15
2014-09-04FireEyeJames T. Bennett, Mike Scott
Forced to Adapt: XSLCmd Backdoor Now on OS X
XSLCmd APT15
2014-08-13FireEyeFireEye
Operation Saffron Rose
APT15
2013-12-12FireEye IncJames T. Bennett, Kenneth Geers, Mike Scott, Nart Villeneuve, Ned Moran, Thoufique Haq
OPERATION “KE3CHANG”:Targeted Attacks Against Ministries of Foreign Affairs
Tidepool APT15

Credits: MISP Project