diff --git a/clusters/threat-actor.json b/clusters/threat-actor.json index a9c864d..2be228e 100644 --- a/clusters/threat-actor.json +++ b/clusters/threat-actor.json @@ -5764,7 +5764,9 @@ "description": "In March 2017, the 360 Chasing Team found a sample of targeted attacks that confirmed the previously unknown sample of APT's attack actions, which the organization can now trace back at least in April 2016. The chasing team named the attack organization APT-C-35. In June 2017, the 360 Threat Intelligence Center discovered the organization’s new attack activity, confirmed and exposed the gang’s targeted attacks against Pakistan, and analyzed in detail. The unique EHDevel malicious code framework used by the organization", "meta": { "refs": [ - "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/" + "https://ti.360.net/blog/articles/latest-activity-of-apt-c-35/", + "https://www.netscout.com/blog/asert/donot-team-leverages-new-modular-malware-framework-south-asia", + "https://ti.360.net/blog/articles/donot-group-is-targeting-pakistani-businessman-working-in-china-en/" ], "synonyms": [ "DoNot Team"