META April Intelligence Insights. Unmasking Threats. Powering Defenses.

Stay ahead of the curve with Group-IB’s latest cyber intelligence insights for the META region and beyond. Our April edition unpacks major threat actor activity, significant takedowns, and unique regional campaigns that signal the evolving threat landscape.

Notable Events

Oracle Breach for Sale

Threat actor rose87168 claimed to have breached Oracle Cloud in January 2025, offering stolen data for sale after failed private negotiations.

ALTDOS Arrested

In a joint operation with Thai and Singapore police, Group-IB helped arrest a cybercriminal behind 90+ global breaches and 13TB of stolen data, operating under aliases like ALTDOS and DESORDEN.

Global Insight

ClickFix Campaigns

A new social engineering method tricks users into running malicious scripts via fake "Fix It" buttons. Used to spread infostealers like Lumma, it’s gaining popularity among APTs.

META Focus

APT “Dark Blinders” Targets Iraq Telcos

Group-IB identified a new APT group using Peaky Blinders-themed personas, phishing lures, custom malware, and GitHub/DNS tunneling for C2. Tracked publicly as REF8685, the group is distinct from any known actor.

Want a deeper dive into these insights? Access exclusive technical details, IOCs, and expert commentary in the full April 2025 Intelligence Insights report.