CYFIRMA Research

CYFIRMA Research: Android Malware in DONOT APT Operations

CYFIRMA

The CYFIRMA team has analyzed malware linked to the Indian APT group DONOT, uncovering its use of a deceptive app called “Tanzeem” to gather intelligence under the guise of a chat platform. The app shuts down after permissions are granted, suggesting a targeted approach. Two analyzed versions, from October and December, showed minimal differences, indicating consistent tactics. The group misuses the OneSignal platform, which is typically used for legitimate notifications, to deliver phishing links, highlighting its evolving methods to maintain persistence. These findings emphasize the need to understand such threats as the group continues adapting to target individuals across the region. Read the full analysis for more details.
 
Link to the Research Report: https://www.cyfirma.com/research/android-malware-in-donot-apt-operations/


https://www.cyfirma.com/