
DoNot APT

Posted: November 27, 2020

The DoNot APT, also known as DoNot Team, APT-C-35, and SectorE02, is a cybercrime organization whose activities are believed to have started in 2012. The group has recently been paying extra attention to mobile malware campaigns, introducing Android threats like the Firestarter Trojan. Its operations are usually focused on Asia, and many of its victims reside in the Philippines, Sri Lanka, India, Thailand and Bangladesh. However, the hackers' scope has sometimes expanded beyond Asia: some of their past operations involved targets in Argentina, the United Kingdom and the United Arab Emirates.

Although the DoNot APT's recent attacks appear to target mobile devices, the group has been involved with plenty of Windows malware in the past. It has frequently used data-collecting malware, keyloggers, Remote Access Trojans and even a custom-built framework called YTY.

Victims of the DoNot APT are often approached via spear-phishing emails, but the criminals have also employed other social engineering tricks in the past. Apart from using threatening software, they have also leveraged legitimate platforms and services to aid their attacks. For example, Google Docs was used in some of their previous campaigns.

The origin of the DoNot APT hackers is not clear, but there are reasons to believe that the group might be a nation-backed threat actor in Asia. While some of the group's malware is not very advanced, the YTY Framework is undoubtedly one of their more impressive projects thanks to its modular design and heavily obfuscated features.
