High
APT-C-27 is also known as the GoldMouse threat group. The APT group is reportedly targeting the Middle East region. Android devices are targeted: the researchers also detected multiple samples designed to target Android devices. Multiple related Android samples with the C2 servers 205.251.145[.]29, 295.yao[.]cl and 94.177.251[.]146 have been found. These recent Android backdoors are disguised as commonly used applications such as Android system. Once these fake ‘HD.APK’ files are downloaded onto the device, the attackers use the C2 server to capture details such as GPS positioning and to perform tasks like recording and photographing from the device.