Saudi Press

Saudi Arabia and the world
Thursday, Oct 02, 2025

‘Mercenary’ hacker group widespread in Mideast, research finds

‘Mercenary’ hacker group widespread in Mideast, research finds

Saudi diplomats, Sikh separatists, Indian executives among the targeted by hired hackers, cybersecurity research says.

Saudi diplomats, Sikh separatists and Indian business executives have been among those targeted by a group of hired hackers, according to research published on Wednesday by software firm BlackBerry Corp.

The report on the group, known publicly as Bahamut, the name assigned to the mythical sea monster of Arab lore, highlights how cybersecurity researchers are increasingly finding evidence of mercenaries online.

BlackBerry’s vice president of research, Eric Milam, said the diversity of Bahamut’s activities was such that he assumed it was working for a range of different clients.

“There’s too many different things going on across too many different ranges and too many different verticals that it would be a single state,” Milam said ahead of the report’s release.

In June, Reuters news agency reported on how an obscure Indian IT firm called BellTroX offered its hacking services to help clients spy on more than 10,000 email accounts over seven years, including targeting prominent American investors.

BlackBerry – which absorbed antivirus firm Cylance in 2019 – stitched together digital clues left by other researchers over the years to create a picture of a sophisticated group of hackers. BlackBerry also linked the group to mobile phone applications in the Apple and Google app stores. Those apps, which included a fitness tracker and password manager, may have helped the hackers track their targets, the report said.

Apple declined to comment on the record. Two of the apps flagged by BlackBerry are no longer in the Apple App Store, however. A Google spokesman said all the apps in the Google Play store mentioned in the report had been removed.

Milam declined to comment on who he thought might be behind Bahamut, but he said he hoped the report would help to sharpen the focus on hackers for hire. Taha Karim, the chief executive of Emirati cybersecurity company tephracore – who wasn’t involved in BlackBerry’s research but reviewed the report ahead of publication – said the findings were credible and “they found links that aren’t obvious.”

The targets


BlackBerry did not name any of Bahamut’s targets directly, but researchers have previously publicly identified Middle Eastern human rights activists, Pakistani military officials, and Gulf Arab businessmen as being in the group’s crosshairs. Reuters news was also able to identify new targets by cross-referencing data published in BlackBerry’s report with booby-trapped webpages preserved by urlscan.io, a cybersecurity tool.

One heavily targeted organisation included the New York-based Sikhs for Justice, a separatist group that is campaigning for an independent homeland for Sikhs in India. Its founder, Gurpatwant Singh Pannun, said his campaign websites have been repeatedly hacked and his emails broken into.

Others pursued by the hackers included: The United Arab Emirates’ Ministry of Defense, its Supreme Council for National Security, and Shaima Gargash, the UAE’s number-two diplomat in Washington.

In an email, Gargash said the embassy had no comment.

Saudi officials were also targeted by the hackers. Cached phishing pages preserved by services such as URLscan.io and reviewed by Reuters showed that the cyber spies targeted Mawthouq, the Saudi government’s email service, half a dozen Saudi government ministries, and the Saudi Center for International Strategic Partnerships, a Riyadh-based body aimed at helping coordinate the country’s foreign policy.

The Saudi embassy in Washington, DC did not respond to requests for comment.

The hackers pursued royals and business executives in Bahrain, Kuwait and Qatar. In August 2019, they attempted to compromise an employee of major Indian energy conglomerate Reliance Industries around the time that the company was negotiating the sale of a stake in its oil-to-chemicals business to Saudi Aramco.

Reliance did not return repeated messages. Attempts to reach the hackers were unsuccessful.

Newsletter

Related Articles

Saudi Press
0:00
0:00
Close
Altman Says GPT-5 Already Outpaces Him, Warns AI Could Automate 40% of Work
Trump Organization Teams with Saudi Developer on $1 Billion Trump Plaza in Jeddah
Electronic Arts to Be Taken Private in Historic $55 Billion Buyout
Colombian President Petro Vows to Mobilize Volunteers for Gaza and Joins List of Fighters
Nvidia and Abu Dhabi’s TII Launch First AI-&-Robotics Lab in the Middle East
UK, Canada, and Australia Officially Recognise Palestine in Historic Shift
New Eye Drops Show Promise in Replacing Reading Glasses for Presbyopia
Dubai Property Boom Shows Strain as Flippers Get Buyer’s Remorse
Top AI Researchers Are Heading Back to China as U.S. Struggles to Keep Pace
JWST Data Brings TRAPPIST-1e Closer to Earth-Like Habitability
UAE-US Stargate Project Poised to Make Abu Dhabi a Global AI Powerhouse
Trump and Starmer Clash Over UK Recognition of Palestinian State Amid State Visit
Saudi Arabia cracks down on music ‘lounges’ after conservative backlash
Saudi Arabia Signs ‘Strategic Mutual Defence’ Pact with Pakistan, Marking First Arab State to Gain Indirect Access to Nuclear Strike Capabilities in the Region
Sam Altman sells the 'Wedding Estate' in Hawaii for 49 million dollars
Turkish car manufacturer Togg Enters German Market with 5-Star Electric Sedan and SUV to Challenge European EV Brands
World’s Longest Direct Flight China Eastern to Launch 29-Hour Shanghai–Buenos Aires Direct Flight via Auckland in December
New OpenAI Study Finds Majority of ChatGPT Use Is Personal, Not Professional
Kuwait opens bidding for construction of three cities to ease housing crunch.
This Week in AI: Meta’s Superintelligence Push, xAI’s Ten Billion-Dollar Raise, Genesis AI’s Robotics Ambitions, Microsoft Restructuring, Amazon’s Million-Robot Milestone, and Google’s AlphaGenome Update
Indian Student Engineers Propose “Project REBIRTH” to Protect Aircraft from Crashes Using AI, Airbags and Smart Materials
Could AI Nursing Robots Help Healthcare Staffing Shortages?
Turkish authorities seize leading broadcaster amid fraud and tax investigation
Qatari prime minister says Netanyahu ‘killed any hope’ for Israeli hostages
Apple Introduces Ultra-Thin iPhone Air, Enhanced 17 Series and New Health-Focused Wearables
Big Oil Slashes Jobs and Investments Amid Prolonged Low Crude Prices
Social Media Access Curtailed in Turkey After CHP Calls for Rallies Following Police Blockade of Istanbul Headquarters
Did the Houthis disrupt the internet in the Middle East? Submarine cables cut in the Red Sea
Gold Could Reach Nearly $5,000 if Fed Independence Is Undermined, Goldman Sachs Warns
Uruguay, Colombia and Paraguay Secure Places at 2026 World Cup
Trump Administration Advances Plans to Rebrand Pentagon as Department of War Instead of the Fake Term Department of Defense
Tether Expands into Gold Sector with Profit-Driven Diversification
Trump’s New War – and the ‘Drug Tyrant’ Fearing Invasion: ‘1,200 Missiles Aimed at Us’
At the Parade in China: Laser Weapons, 'Eagle Strike,' and a Missile Capable of 'Striking Anywhere in the World'
Information Warfare in the Age of AI: How Language Models Become Targets and Tools
Israeli Airstrike in Yemen Kills Houthi Prime Minister
After the Shock of Defeat, Iranians Yearn for Change
YouTube Altered Content by Artificial Intelligence – Without Permission
Iran Faces Escalating Water Crisis as Protests Spread
More Than Half a Million Evacuated as Typhoon Kajiki Heads for Vietnam
HSBC Switzerland Ends Relationships with Over 1,000 Clients from Saudi Arabia, Lebanon, Qatar, and Egypt
Sharia Law Made Legally Binding in Austria Despite Warnings Over 'Incompatible' Values
Dogfights in the Skies: Airbus on Track to Overtake Boeing and Claim Aviation Supremacy
Tim Cook Promises an AI Revolution at Apple: "One of the Most Significant Technologies of Our Generation"
Are AI Data Centres the Infrastructure of the Future or the Next Crisis?
Miles Worth Billions: How Airlines Generate Huge Profits
Zelenskyy Returns to White House Flanked by European Allies as Trump Pressures Land-Swap Deal with Putin
Beijing is moving into gold and other assets, diversifying away from the dollar
Cristiano Ronaldo Makes Surprise Stop at New Hong Kong Museum
Zelenskyy to Visit Washington after Trump–Putin Summit Yields No Agreement
×