Security News > 2020 > October > BAHAMUT Spies-for-Hire Linked to Extensive Nation-State Activity
A cyberespionage group known as BAHAMUT has been linked to a "Staggering" number of ongoing attacks against government officials and private-sector VIPs in the Middle East and South Asia, while also engaging in wide-ranging disinformation campaigns.
"The group took over the domain of what was originally an information security news website and began pushing out content focused on geopolitics, research, industry news about other hack-for-hire groups," according to the report - along with news about exploit brokers like the NSO Group.
The group overall is using a wide range of tools, tactics and techniques, and researchers said that "At least one zero-day developer reflects a skill-level beyond most other known threat-actor groups today" - all of which suggests that the group is extremely well-funded and well-resourced.
Specifically, the threat groups identified as EHDevel, Windshift, Urpage and the White Company, along with the unnamed threat group in Kaspersky's 2016 "InPage zero-day" research.
In all, given the extensive capabilities, links to disparate nation-state-linked APT activity, and lack of focused targeting, researchers concluded that BAHAMUT is one sprawling group that sells services to the highest bidder, including governments.