IntelNexus
FeedMapBoardBountiesBrief
Sign InDrop IntelDrop
Feed/Webworm Deploys EchoCreep and GraphWorm
HIGHCYBERFREE

Webworm Deploys EchoCreep and GraphWorm Backdoors Using Discord and MS Graph API

Provenance𝕏 Tweet42 viewsMay 21, 2026

Cybersecurity researchers have flagged fresh activity from a China-aligned threat actor known as Webworm in 2025, deploying custom backdoors that employ Discord and Microsoft Graph API for command-and-control (C2 or C&C) communications. Webworm, first publicly documented by Broadcom-owned Symantec in September 2022, is assessed to be active since at least 2022, targeting government agencies Source: The Hacker News

China, CN
#hacker#security#breach#cyber#china

AI Credibility Assessment

68%
1 Corroborations
ANONYMOUS
🔥

21 analysts are discussing this

Live debate happening on Signal Wars

Join fight →
Loading discussion…
click ↩ reply on any comment to fight back
← Back to Feed