An advanced persistent threat (APT) actor has been tracked in a new campaign deploying Android malware via the Syrian e-Government Web Portal. StrongPity, also codenamed Promethium by Microsoft, is believed to have been active since 2012 and has typically focused on targets across Turkey and Syria. The malware is designed to perform long-running tasks in the background and trigger a request to a remote command-and-control server, which responds back with an encrypted payload containing a settings file that allows the “malware to change its behavior”
Source: https://thehackernews.com/2021/07/apt-hackers-distributed-android-trojan.html