SYMBOLCOMMON_NAMEaka. SYNONYMS

Bahamut  (Back to overview)


Bahamut is a threat actor primarily operating in Middle East and Central Asia, suspected to be a private contractor to several state sponsored actors. They were observed conduct phishing as well as desktop and mobile malware campaigns.


Associated Families
apk.bahamut

References
2022-11-23ESET ResearchLukáš Štefanko
@online{tefanko:20221123:bahamut:7e7453f, author = {Lukáš Štefanko}, title = {{Bahamut cybermercenary group targets Android users with fake VPN apps}}, date = {2022-11-23}, organization = {ESET Research}, url = {https://www.welivesecurity.com/2022/11/23/bahamut-cybermercenary-group-targets-android-users-fake-vpn-apps/}, language = {English}, urldate = {2022-11-25} } Bahamut cybermercenary group targets Android users with fake VPN apps
Bahamut
2022-06-29cybleCyble Research Labs
@online{labs:20220629:bahamut:2a1b786, author = {Cyble Research Labs}, title = {{Bahamut Android Malware Returns With New Spying Capabilities}}, date = {2022-06-29}, organization = {cyble}, url = {https://blog.cyble.com/2022/06/29/bahamut-android-malware-returns-with-new-spying-capabilities/}, language = {English}, urldate = {2022-07-05} } Bahamut Android Malware Returns With New Spying Capabilities
Bahamut
2022-04-12360 Threat Intelligence Center360 Beacon Lab
@online{lab:20220412:recent:2a11b0c, author = {360 Beacon Lab}, title = {{Recent attacks by Bahamut group revealed}}, date = {2022-04-12}, organization = {360 Threat Intelligence Center}, url = {https://mp.weixin.qq.com/s/YAAybJBAvxqrQWYDg31BBw}, language = {Chinese}, urldate = {2022-04-15} } Recent attacks by Bahamut group revealed
Bahamut
2020-10-06BlackberryBlackberry Research
@techreport{research:20201006:bahamut:2a6157f, author = {Blackberry Research}, title = {{BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps}}, date = {2020-10-06}, institution = {Blackberry}, url = {https://www.blackberry.com/us/en/pdfviewer?file=/content/dam/blackberry-com/asset/enterprise/pdf/direct/report-spark-bahamut.pdf}, language = {English}, urldate = {2020-10-08} } BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps
Bahamut Bahamut
2018-08-29Trend MicroDaniel Lunghi, Ecular Xu
@online{lunghi:20180829:urpage:0f63a4b, author = {Daniel Lunghi and Ecular Xu}, title = {{The Urpage Connection to Bahamut, Confucius and Patchwork}}, date = {2018-08-29}, organization = {Trend Micro}, url = {https://blog.trendmicro.com/trendlabs-security-intelligence/the-urpage-connection-to-bahamut-confucius-and-patchwork/}, language = {English}, urldate = {2020-01-06} } The Urpage Connection to Bahamut, Confucius and Patchwork
AndroRAT Bahamut
2017-10-27BellingcatCollin Anderson
@online{anderson:20171027:bahamut:e17abf8, author = {Collin Anderson}, title = {{Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia}}, date = {2017-10-27}, organization = {Bellingcat}, url = {https://www.bellingcat.com/resources/case-studies/2017/10/27/bahamut-revisited-cyber-espionage-middle-east-south-asia/}, language = {English}, urldate = {2020-01-06} } Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia
Bahamut Bahamut Bahamut
2017-06-12BellingcatCollin Anderson
@online{anderson:20170612:bahamut:9810646, author = {Collin Anderson}, title = {{Bahamut, Pursuing a Cyber Espionage Actor in the Middle East}}, date = {2017-06-12}, organization = {Bellingcat}, url = {https://www.bellingcat.com/news/mena/2017/06/12/bahamut-pursuing-cyber-espionage-actor-middle-east/}, language = {English}, urldate = {2020-01-13} } Bahamut, Pursuing a Cyber Espionage Actor in the Middle East
Bahamut Bahamut Bahamut

Credits: MISP Project