Report an incident

Get 24/7 incident response assistance from our global team

Talk to sales

Just fill out the form, and our representative will contact you soon.

Join the Cybercrime Fighters Club

Please review the following rules before submitting your application:

1. Our main objective is to foster a community of like-minded individuals dedicated to combatting cybercrime and who have never engaged in Blackhat activities.

2. All applications must include research or a research draft. You can find content criteria in the blog. Please provide a link to your research or research draft using the form below.

META Intelligence Report, August 2025. Cyber Threat Intelligence Across Middle East, Türkiye, Africa & Pakistan
← Research Hub

META Intelligence Report, August 2025. Cyber Threat Intelligence Across Middle East, Türkiye, Africa & Pakistan

Group-IB’s latest intelligence report highlights key cybersecurity developments from August 2025, focusing on global threats with regional impact. From targeted espionage to AI-driven scams, the threat landscape continues to evolve rapidly.

Key Highlights:

Salesforce & Google Workspace CompromisedSalesforce & Google Workspace Compromised

Threat actor UNC6395 exploited OAuth tokens via Salesloft Drift, impacting major organizations and prompting widespread security actions.

ShadowSilk Espionage CampaignShadowSilk Espionage Campaign

Cross-border data exfiltration targeting over 35 government entities across Central Asia and APAC, using spear-phishing and Telegram-based infrastructure.

Zero-Click Vulnerabilities DisclosedZero-Click Vulnerabilities Disclosed

Critical flaws in WhatsApp and Apple platforms could allow silent compromise. Urgent patching and device checks are recommended.

AI-Powered Investment ScamsAI-Powered Investment Scams

Deepfakes and fake reviews are being used at scale to lure victims into fraudulent trading platforms, supported by industrial-grade infrastructure.

Regional Threat Landscape – META

Banking Mules Evolving TacticsBanking Mules Evolving Tactics

Fraud networks are using satellite connectivity, GPS spoofing, and device-based mule operations to bypass traditional detection.

Spear-Phishing Campaigns Targeting Finance LeadersSpear-Phishing Campaigns Targeting Finance Leaders

Sophisticated lures impersonating executive recruiters are delivering malware through multi-stage payloads.

QR Code Phishing on the RiseQR Code Phishing on the Rise

Campaigns mimicking corporate infrastructure and personnel are targeting employee credentials.

Threat Activity Snapshot

19.5% Increase in Hacktivism19.5% Increase in Hacktivism

Highest number of attacks observed in Saudi Arabia, Israel, Pakistan, and Jordan.

Ransomware Up 155%Ransomware Up 155%

Key sectors hit: government, finance, consumer goods. Main actors: Lockbit, Meow, RansomHub, DarkVault.

Relevant reports

We see the full picture of the evolving cyber threat landscape thanks to unique tools for monitoring the infrastructure used by cybercriminals and data from battlefields:

Intelligence Insights Report, October 2025
New
Trend Report
Intelligence Insights Report, October 2025
Explore the most notable cybersecurity events in the region and the best practices
Learn more
Intelligence Insights Report, September 2025
New
Trend Report
Intelligence Insights Report, September 2025
Explore the most notable cybersecurity events in the region and the best practices
Learn more