Disclosure of APT-C-35's recent attack activities
released on 2023-02-08 @ 03:35:20 PM
APT-C-35 (Brainworm), also known as Donot, is an overseas APT organization from South Asia. They mainly conduct cyber espionage activities against government agencies in Pakistan and neighboring countries and regions, mainly to steal sensitive information. The APT-C-35 organization uses PPT or XLS files as attack vectors. When the victim opens the malicious file, it will immediately release a compressed file and a batch file, and create 3 scheduled tasks.