Security is Everyone's Job


APT-C-35, also known as DoNot Team or Brainworm.

This group is believed to be linked with the Indian government and has been active since at least 2016

Some sources suggest that they may have been involved in earlier campaigns, such as Operation Hangover in 2013 or even 2010

APT-C-35 mainly targets South Asian countries, especially those that have a conflict or dispute with India, such as Pakistan, Sri Lanka, Bangladesh, and Kashmir

They focus on government and military organizations, ministries of foreign affairs, and embassies


APT-C-35 uses various methods to infect and spy on their victims, such as spear phishing emails, malicious attachments, remote template injection, and trojanized apps on Google Play

They have developed and used Windows and Android spyware frameworks, such as YTY, Jaca, and DTrack

These frameworks have modular architecture and multiple functionalities, such as file collection, screenshots, keylogging, reverse shell, browser stealing, and gathering system information