Researchers at CSE Cybsec ZLab analyzed a malicious code involved in a long-term espionage campaign in Syria attributed to a APT-C-27 group. The malicious code was used to compromise entities in the area, the researchers discovered that it was part of the arsenal of a group tracked by the 360 Threat Intelligence Center. The code was not so sophisticated, anyway, the activity of the group is still ongoing and that the threat actor continues to improve its malicious code. The group used both Windows and Android malware to compromise target devices to exfiltrate sensitive information.”]
Source: https://securityaffairs.co/wordpress/74670/malware/apt-c-27-syria-espionage.html