Bahamut  (Back to overview)

Bahamut is a threat actor primarily operating in Middle East and Central Asia, suspected to be a private contractor to several state sponsored actors. They were observed conduct phishing as well as desktop and mobile malware campaigns.

Associated Families

2022-11-23ESET ResearchLukáš Štefanko
Bahamut cybermercenary group targets Android users with fake VPN apps
2022-06-29cybleCyble Research Labs
Bahamut Android Malware Returns With New Spying Capabilities
2022-04-12360 Threat Intelligence Center360 Beacon Lab
Recent attacks by Bahamut group revealed
2020-10-06BlackberryBlackberry Research
BAHAMUT: Hack-for-Hire Masters of Phishing, Fake News, and Fake Apps
Bahamut Bahamut
2018-08-29Trend MicroDaniel Lunghi, Ecular Xu
The Urpage Connection to Bahamut, Confucius and Patchwork
AndroRAT Bahamut
2018-08-29Trend MicroDaniel Lunghi, Ecular Xu
Bahamut, Confucius and Patchwork Connected to Urpage
Bahamut Confucius Urpage
2017-10-27BellingcatCollin Anderson
Bahamut Revisited, More Cyber Espionage in the Middle East and South Asia
Bahamut Bahamut Bahamut
2017-06-12BellingcatCollin Anderson
Bahamut, Pursuing a Cyber Espionage Actor in the Middle East
Bahamut Bahamut Bahamut

Credits: MISP Project