Signal

Hack-for-hire campaign linked to Bitter APT targets journalists and activists in MENA

Evidence first: scan the strongest sources, then decide whether to go deeper.

Published 2026-04-08 22:08 UTCUpdated 2026-04-09 10:45 UTC

redditrss

threat_actorsexploitsbreachesincident_responsesecurity_policy

Source links open

Source links and full evidence are open here. Archive history, compare-over-time, alerts, exports, API, integrations, and workflow are paid.

Back Evidence (3)Get the free brief by email Start free trial

No card needed for the free brief.

Evidence trail (top sources)

top sources (2 domains)

2 top sources shown

Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group

Infosecurity Magazine · News · infosecurity-magazine.com · 2026-04-09 10:45 UTC

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

thehackernews · News · thehackernews.com · 2026-04-09 10:40 UTC

limited source diversity in top sources

View all evidence

Overview

A spear-phishing campaign active from 2023 to 2024 targeted journalists, activists, and government officials across the Middle East and North Africa (MENA).

Score total

1.53

Momentum 24h

Posts

Origins

Source types

Duplicate ratio

Why now

Recent investigations have exposed the campaign's scope and attribution.
The campaign was active recently, between 2023 and 2024, indicating ongoing threats.
Timely for organizations to update incident response and security policies against such threats.

Why it matters

Highlights ongoing cyber espionage and repression targeting civil society in MENA.
Demonstrates use of hack-for-hire services linked to state-affiliated threat actors.
Raises awareness for journalists and activists to strengthen phishing defenses.

LLM analysis

Topic mix: lowPromo risk: lowSource quality: medium

Recurring claims

A hack-for-hire spear-phishing campaign targeted journalists and activists across MENA between 2023 and 2024.
The campaign is linked to the Bitter APT group, suspected to have ties to the Indian government.

How sources frame it

The Hacker News: neutral

Consolidated multiple sources to provide a clear overview of the Bitter-linked hack-for-hire campaign targeting MENA civil society.

All evidence

Middle East Hack-for-Hire Operation Traced to South Asian Cyber Espionage Group

Infosecurity Magazine · infosecurity-magazine.com · 2026-04-09 10:45 UTC

Bitter-Linked Hack-for-Hire Campaign Targets Journalists Across MENA Region

thehackernews · thehackernews.com · 2026-04-09 10:40 UTC

Espionage for repression: hack-for-hire phishing campaign targets civil society in MENA - Access Now

blueteamsec · accessnow.org · 2026-04-08 22:08 UTC

Show filters & breakdown

Posts loaded: 0Publishers: 3Origin domains: 3Duplicates: -

Platform

Publisher

Origin domain

Relevance tier

Duplicates only

Showing 3 / 0

Top publishers (this list)

Infosecurity Magazine (1)
thehackernews (1)
blueteamsec (1)

Top origin domains (this list)

infosecurity-magazine.com (1)
thehackernews.com (1)
accessnow.org (1)