APT-C-43 steals Venezuelan military secrets to provide intelligence support for the reactionaries - HpReact campaign
released on 2020-09-25 @ 07:22:17 PM
In June 2020, 360 Security Center discovered a new backdoor, labeled Pyark, written in Python to function as fileless malware. Through an in-depth investigation and trace analysis of the backdoor, 360 Security discovered a series of advanced threats that have been active since 2019. By compromising various military institutions in Venezuela, the attackers deployed a backdoor to continuously monitor and steal military secrets. 360 Security named the actors APT-C-43.
When tracing the attackers’ source, we found that the duration of this attack coincided with the Venezuelan political chaos. The network assets used by the attackers were mostly deployed in Colombia, and some assets were frequently found in Venezuela and Colombia.