Increasing Collaboration Between Middle Eastern and Eastern European Hackers

October 19, 2015


The Intelligence Analysis Team at Norse has recently been tracking a growing number of collaborations between hacker groups operating in the Middle East and ones in Eastern Europe. These collaborations include knowledge-sharing, but also involves Middle Eastern hackers traveling to Europe to receive hand-on training and experience. Norse has outlined several such potential examples:

Ashiyane Digital Security Team And Romanian Security Team

Ashiyane DST, one of Iran’s most notorious hacker groups, has recently been exchanging exploit and target data with Romanian Security Team, one of the largest hacker communities in Romania. Posts on the RST forum regarding SMTP vulnerabilities were later echoed on ADST’s forums as well, indicating possible info-sharing between the two groups.

Middle East Cyber Army (MECA) Member Arrested By Bulgarian Chief Directorate For Combating Organized Crime (CDCOC)

A suspected member of the Middle East Cyber Army hacker group allegedly hacked more than 3,500 websites, including government and corporate sites, and was arrested by the cyber division of the Bulgarian Chief Directorate for Combating Organized Crime (CDCOC) on July 15, 2015. Authorities confiscated computers and storage devices that included a variety of specialized hacking tools. The suspect is a 21-year-old Syrian hacktivist who appears to have been politically motivated.

Anonymous Mobilizes For #OpNimr

The hacker collective Anonymous, many of whose members are European, mobilized to attack the Saudi government during #OpNimr, in protest of the impending crucifixion of Ali Mohammed Al-Nimr – a Saudi youth sentenced to death for acts he committed while still a minor.

Norse warned that this continued collaboration and the expansion of the knowledge base and capabilities of such hacker groups could lead them to escalate their efforts from website defacements to actual cyber-terrorism targeting infrastructure and putting lives at risk.

Source:, October 14, 2015.