According to ESET, a group known as Bahamut has been targeting Android users with malware-infected versions of legitimate VPN applications. Bahamut is an advanced persistent threat (APT) actor with a focus on cyberespionage.
It was first identified in 2017 but is still active today, using a fictitious online network of websites, applications, and social media personas to stay undetected. Bahamut is a mercenary organization that provides hacking services for hire. It is well-known for targeting organizations in the Middle East and South Asia, mostly through spearphishing and fake applications, with the goal of stealing sensitive data. Bahamut has targeted government officials and politicians, human rights organizations, businesses in the financial services and technology sectors, journalists, military organizations, academic institutions, and aerospace entities.
It has also been tracked as Ehdevel, Windshift, Urpage, and The White Company.
Read More: Hack-for-Hire Group Targets Android Users With Malicious VPN Apps
For more such updates follow us on Google News ITsecuritywire News. Please subscribe to our Newsletter for more updates.