The malicious Android apps were discovered by Cyfirma, who attributed the operation with medium confidence to the Indian hacking group “DoNot,” also tracked as APT-C-35, which has targeted high-profile firms in Southeast Asia since at least 2018.
Source: cyware.com