Hack-for-hire campaign used phishing, spyware on MENA journalists and activists
Researchers have found a hack-for-hire operation going after journalists and activists across the Middle East and North Africa.
Attackers used phishing to break into iCloud and Signal accounts and Android spyware disguised as apps to take over phones.
Outsourcing these kinds of cyberattacks to private firms is becoming more common among government agencies.
BITTER suspected Indian ties, RebSec Solutions
The group behind the hacks, called BITTER, is suspected to have ties with the Indian government and may be run by RebSec Solutions, linked to a now-closed Indian firm.
Their methods targeted not just people in Egypt and Lebanon but also officials in Bahrain, the United Arab Emirates, Saudi Arabia, the United Kingdom, and possibly even the United States.
The tools they used were cheaper than traditional spyware, but still gave them plenty of cover.