Mansour Alhmoud

Cyber Intelligence Analyst

As a Cyber Threat Intelligence Analyst in Group-IB's META Threat Intelligence Department, Mansour is responsible for researching APT groups, investigating their cyber operations and analyzing their TTPs, tools, and infrastructure to produce strategic threat intelligence that directs high‑stakes cyber defense strategies across the META region.

With over four years of dedicated experience in the cybersecurity domain, Mansour has excelled in roles spanning advanced threat intelligence, DFIR, and security operations.

 

Blog posts by Mansour Alhmoud

MuddyWater Strikes Again
Advanced Persistent Threats
February 20, 2026
Operation Olalampo: Inside MuddyWater’s Latest Campaign
MuddyWater APT has launched a new cyber offensive operation, dubbed Operation Olalampo, deploying new malware variants and leveraging Telegram bots for command-and-control. Analysis of the campaign provides a glimpse into the group’s post-exploitation tactics, which largely align with their historical operations.
Advanced Persistent Threats
October 22, 2025
Unmasking MuddyWater’s New Malware Toolkit Driving International Espionage
Group-IB Threat Intelligence has uncovered a sophisticated phishing campaign, attributed with high confidence to the Advanced Persistent Threat (APT) MuddyWater. The attack used a compromised mailbox to distribute Phoenix backdoor malware to international organizations and across the whole Middle East and North Africa region, targeting more than 100 government entities.
Advanced Persistent Threats
September 17, 2025
Tracking MuddyWater in Action: Infrastructure, Malware and Operations during 2025
The blog provides an in-depth look at MuddyWater’s evolution in tooling, targeting, and infrastructure management, suggesting a more mature and capable advanced persistent threat within the META region.
Threat Intelligence
March 13, 2025
ClickFix: The Social Engineering Technique Hackers Use to Manipulate Victims
Discover how the ClickFix social engineering attack exploits human psychology to bypass security. Learn how hackers use this tactic and how to protect against it.