Finance

Donot APT Group Targets Pakistani Businessman In China

11 - 18 December 2018

The Donot APT group, also known as APT-C-35, has been targeting a Pakistani businessman working in China since May.
Cyber_News_Finance
The Donot APT group, also known as APT-C-35, has been targeting a Pakistani businessman working in China since May. The group sends the victim a macros-laden Excel file as an attachment in a spear phishing email. Once the victim enables macros, it installs a downloader that installs other backdoor, keylogging, and downloader plugins. Donot is known to target entities in Pakistan and South Asian countries for cyber espionage purposes. Researchers have observed at least four campaigns against Pakistan since 2017. 

References:
[1] Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China
 
 

More Weekly Cyber Newsanalysis and insights

Ensign Consulting

Enhancing your security posture, developing your cyber strategy, and designing your incident response plans.​

Ensign Systems Integration

Architecting and implementing cybersecurity solutions that bolster defences

Ensign Managed Security Services

Managing your security operations for advanced threat detection, continuous monitoring, and triage services

Ensign Labs

Performing deep research to analyse vulnerabilities, deploy advanced threat hunting and provide cyber threat intelligence