"Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor"

In a recent campaign spanning from late 2022 to early 2023, a Chinese state-sponsored actor named "Flea" targeted foreign affairs ministries in the Americas. According to Broadcom's Symantec, the cyberattacks involved a new backdoor called "Graphican." Other targets included a government finance department, a company that markets products in the Americas, and an unidentified victim in a European country. In this campaign, Flea used many tools, the company said, describing the threat actor as "large and well-resourced." In addition to the new Graphican backdoor, the attackers used various living-off-the-land (LOTL) methods and tools previously associated with Flea. Since 2004, Flea, also known as APT15, BackdoorDiplomacy, ke3chang, Nylon Typhoon (formerly Nickel), Playful Taurus, Royal APT, and Vixen Panda, has been known to target governments, diplomatic missions, and embassies. This article continues to discuss the Chinese state-sponsored actor Flea targeting foreign affairs ministries in the Americas with the Graphican backdoor. 

THN reports "Chinese Hacker Group 'Flea' Targets American Ministries with Graphican Backdoor"