New research by ESET provides insights into the activity of the Ke3chang advanced persistent threat (APT) group that is believed to be operating out of China. Since 2015, Ke3chang has been targeting diplomatic entities in various countries across the globe, with a particular focus on Europe and Latin America.
Ke3chang campaigns rely on various malware families, including the Okrum backdoor, which is used to deliver the Ketrican backdoor onto compromised systems. Ke3chang is constantly updating its malware.