Contact Contact Us

Donot APT Group Targets Pakistani Businessman In China

The Donot APT group, also known as APT-C-35, has been targeting a Pakistani businessman working in China since May. The group sends the victim a macros-laden Excel file as an attachment in a spear phishing email. Once the victim enables macros, it installs a downloader that installs other backdoor, keylogging, and downloader plugins. Donot is known to target entities in Pakistan and South Asian countries for cyber espionage purposes. Researchers have observed at least four campaigns against Pakistan since 2017.

[1] Donot (APT-C-35) Group Is Targeting Pakistani Businessman Working In China

Ensign InfoSecurity Singapore
30A Kallang Place
Singapore 339213

Tel: +65 6788 2882
Fax: +65 6788 3883