Hack-for-hire spyware campaign targets journalists in Middle East, North Africa

A sophisticated spyware campaign, allegedly linked to the Indian government, has been targeting journalists and activists in the Middle East and North Africa. The campaign's infrastructure is tied to the advanced persistent threat group known as Bitter, which typically focuses on government, military, and diplomatic sectors in South Asia. Researchers from Access Now, Lookout, and SMEX collaborated to uncover the campaign's tactics, which involve using spyware to compromise the devices of high-profile individuals. The attacks are characterized by their use of shared infrastructure, indicating a coordinated effort by the threat actors. The campaign's scope and sophistication suggest a high level of resources and expertise, making it a significant concern for individuals and organizations operating in the region¹. This matters to cybersecurity practitioners because it highlights the growing threat of state-sponsored hacking groups targeting vulnerable individuals, such as journalists, to gather sensitive information and exert control.