Hack-for-Hire Campaign Targets Journalists in MENA Using Phishing and Spyware

Hack-for-Hire Campaign Targets Journalists in MENA Using Phishing and Spyware

First seen 8 Apr 2026, 17:16 UTC CpjCyberscoopTherecord.MediaTechcrunchNewsbytesapp+12 81% similarity 75.5

Article Content

Browse articles
ThreatCluster

A hack-for-hire operation has been uncovered targeting journalists and activists across the Middle East and North Africa, particularly focusing on Egyptian and Lebanese individuals. The campaign, attributed to a group known as BITTER, employed sophisticated spear-phishing attacks to compromise iCloud and Signal accounts, as well as deploying Android spyware disguised as legitimate applications. The attacks were documented by Access Now, Lookout, and SMEX, revealing a timeline of incidents from 2023 to 2025. Notable victims include Egyptian journalists Mostafa Al-A’sar and Ahmed Eltantawy, both of whom have faced political repression. The malware used, identified as ProSpy, allows attackers to extract sensitive data from compromised devices. The operation is suspected to be linked to the Indian government, highlighting a trend of governments outsourcing cyber operations to private firms. Current status indicates ongoing risks for targeted individuals, with calls for improved digital security practices among at-risk communities.

Key Points: • Hack-for-hire group BITTER targeted journalists in MENA using phishing and spyware. • Victims included prominent Egyptian journalists with histories of political repression. • The operation is suspected to be linked to the Indian government, indicating state involvement.

ThreatCluster AI

Timeline

2023-01-01
Spear-phishing attacks against journalists began.
2023-10-01
First documented phishing attempt against Al-A’sar.
2024-01-01
Continued phishing attempts against targets.
2025-01-05
ESET published report on ProSpy malware.
2025-10-01
Lookout and Access Now began investigations.
2026-04-08
Reports on hack-for-hire campaign published by multiple organizations.

Community

Browse all →