An advanced persistent threat (APT) actor focused on cyberespionage, Bahamut was initially detailed in 2017, but continues to be active, leveraging a fake online empire of social media personas, websites, and applications, which has allowed it to fly under the radar.
A mercenary group offering hack-for-hire services, Bahamut is known for the targeting of entities in the Middle East and South Asia, mainly via spearphishing and fake applications, with a focus on stealing sensitive information.