SYMBOL | COMMON_NAME | aka. SYNONYMS |
In March 2017, the 360 Chasing Team found a sample of targeted attacks that confirmed the previously unknown sample of APT's attack actions, which the organization can now trace back at least in April 2016. The chasing team named the attack organization APT-C-35. In June 2017, the 360 Threat Intelligence Center discovered the organization’s new attack activity, confirmed and exposed the gang’s targeted attacks against Pakistan, and analyzed in detail. The unique EHDevel malicious code framework used by the organization
2020-10-30 ⋅ 360 Core Security ⋅ 肚脑虫组织( APT-C-35)疑似针对巴基斯坦军事人员的最新攻击活动 Unidentified APK 005 |
2020-10-29 ⋅ Cisco Talos ⋅ DoNot’s Firestarter abuses Google Firebase Cloud Messaging to spread Unidentified APK 005 |
2020-09-30 ⋅ RiskIQ ⋅ Diving Into DONOT's Mobile Rabbit Hole Unidentified APK 005 |
2020-06-01 ⋅ Twitter (@voodoodahl1) ⋅ Tweet on malware called knspy used by Donot Unidentified APK 005 |
2020-04-08 ⋅ Tencent ⋅ Donot team organization (APT-C-35) mobile terminal attack activity analysis Unidentified APK 005 |
2020 ⋅ Secureworks ⋅ ZINC EMERSON yty Dropping Elephant |
2019-11-15 ⋅ Positive Technologies ⋅ Studying Donot Team yty |
2019-08-02 ⋅ NSHC ⋅ SectorE02 Updates YTY Framework in New Targeted Campaign Against Pakistan Government yty |
2018-12-12 ⋅ 360 Threat Intelligence ⋅ Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China APT-C-35 |
2018-07-26 ⋅ Analysis of the latest attack activities of APT-C-35 yty APT-C-35 |
2018-03-08 ⋅ NetScout ⋅ Donot Team Leverages New Modular Malware Framework in South Asia yty |
2018-03-08 ⋅ NetScout ⋅ Donot Team Leverages New Modular Malware Framework in South Asia APT-C-35 |