Rewterz Threat Advisory – CVE-2020-27835 – Linux Kernel denial of service
January 11, 2021Rewterz Threat Alert – APT C-35 Active In the Southeast Asian Region
January 11, 2021Rewterz Threat Advisory – CVE-2020-27835 – Linux Kernel denial of service
January 11, 2021Rewterz Threat Alert – APT C-35 Active In the Southeast Asian Region
January 11, 2021Severity
High
Analysis Summary
APT C-35 aka (Donot Team) has been actively dropping malicious files for template injection. The group has a history of attacking Pakistani government officials and military personnel and has been linked to India. They
previously targeted Pakistani users with android malware named (StealJob) was used to target Pakistani android mobile users by Phishing on the name of “Kashmiri Voice” The attackers hunt for confidential information and intellectual property. The hackers’ targets include countries in South Asia, in particular, state sector of Pakistan.
Impact
- Credential theft
- Exposure of sensitive data
Indicators of Compromise
Filename
Procurement Details[.]docx
MD5
79b09a28e122177ba7c0e8bb77011295
SHA-256
2e9acc12fac84e54afabf2f10377fc3a01ecc786332575e40ab39b03ae330d4d
SHA1
e46529af71c3efc2488985cc5f05098dcd92eca5
URL
hxxp[:]//securecon[.]top/KB8XP/178P
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.