New Okrum Malware Used by Ke3chang Group to Target Diplomats

[silversurfer]

Content source

https://www.bleepingcomputer.com/news/security/new-okrum-malware-used-by-ke3chang-group-to-target-diplomats/

Updated malware implants and a new backdoor named Okrum connected with the Ke3chang threat group operating from China have been found by ESET researchers while monitoring their operations between 2015 and 2019.

The cyber-espionage activities of the Ke3chang advanced persistent threat (APT) group (also known as Vixen Panda, Royal APT, Playful Dragon, and APT15) span over almost a decade, going as far as 2010 according to FireEye researchers.

The hacking group's main targets are entities from the oil industry and military, government contractors, as well as European diplomatic missions and organizations.

Okrum: Ke3chang group targets diplomatic missions

ESET researchers have discovered new versions of malware families linked to the elusive Ke3chang APT group, as well as a previously unreported backdoor.

www.welivesecurity.com