APT-C-35 infection chain adds novel Windows framework modules

Threat Advisories

APT-C-35 infection chain adds novel Windows framework modules

Threat Level
Actor Report

For a detailed advisory, download the pdf file here

Summary

APT-C-35 is an advanced persistent threat actor that has been active since 2016. The gang has upgraded its Windows spyware architecture, dubbed YTY, Jaca. They target South Asian government and military institutions, foreign ministries, and embassies.