Naikon Naikon

  • First known sample

  • Discovery

  • Number of targets

  • Current status

  • Type

    Backdoor , Remote administration tool , Trojan
  • Targeted platforms

  • TOP targeted countries

    CIS , Canada , Indonesia , Lao People's Democratic Republic , Malaysia , Myanmar , Nepal , Philippines , Singapore , Thailand , Vietnam

More about the Naikon group, its tactics, techniques, procedures and tools

Learn more
  • The way of propagation

    Exploits , Social engineering
  • Purpose/Functions

    Cyberespionage , Remote control , Surveillance
  • Special features

    Each target country has a designated human operator, whose job it is to take advantage of cultural aspects of the country, such as a tendency to use personal email accounts for work

  • Targets

    Government entities , Military , Private companies
  • Artefacts/Attribution

    Naikon attackers appear to be Chinese-speaking (several indicators, such as Remote administration tool's admin and Honker Union code)

  • Description

    A highly active threat actor engaged in gathering geo-political intelligence in Asia and primarily targeting government, civil, and military organizations from countries in the South China Sea. The attackers use a decoy Word document to download spyware—including their custom backdoor—on the victims’ computer without the victim becoming aware.

    Additional information