Group-IB, a leading creator of cybersecurity technologies to investigate, prevent, and fight digital crime, has unveiled its latest META Intelligence Insights Report, offering a detailed snapshot of the region’s evolving threat landscape.
The intelligence report that looks at cybersecurity trends for July and August 2025 highlights a concerning uptick in cyber threats, particularly in ransomware incidents and phishing attacks. As cybercriminal activity grows more aggressive and sophisticated, Group-IB urges organizations to strengthen their defenses as both state-sponsored and financially motivated threat actors continue to adapt and target critical sectors.
Key findings from the July-August 2025 Group-IB Report:
- The Evolving Threat of Banking Mules in META: META banking mule operators have upgraded their tradecraft, from basic IP masking to satellite connectivity, GPS spoofing, SIM abuse, and device muling. These evolving tactics bypass traditional banking defenses, underlining the need for layered, dynamic protection systems.
- Spear-Phishing Targeting Finance Executives:Â A sophisticated spear-phishing campaign targeting CFOs globally has been identified. Using tools like NetBird and posing as Rothschild & Co recruiters, cybercriminals deploy advanced phishing techniques linked to the APT MuddyWater group.
- Fake Greek Real Estate Lure Targets MEA Region:Â A campaign involving a fake Greek real estate document was uncovered, utilizing a DocuSign-themed lure to deliver remote access tools, reflecting established tactics of evading detection through legitimate services.
- New DarkBlinder Malware Sample in GCC:Â Group-IB has uncovered a new wave of Classiscam phishing attacks targeting the GCC region, indicating an ongoing threat landscape.
- Rise in QR Code-Based Phishing Attacks: In July 2025, Group-IB observed a surge in QR code phishing attacks aimed at credential theft, often impersonating employees and spoofing organizational IT infrastructure.
- Bank Card Breaches:Â In August, the GCC region accounted for 35% of compromised bank card data, followed by Turkey at 24% and South Africa at 16%, signalling a critical need for banks and consumers to enhance security measures.
155% Increase in Ransomware Incidents: A dramatic increase in ransomware attacks was recorded between July and August 2025 across META, with industries such as financial services, government, energy, and consumer goods facing heightened risk.
To combat these escalating threats, Group-IB recommends that organizations adopt a proactive cybersecurity posture through enhanced security awareness training, implementation of multi-factor authentication, and regular security audits. Furthermore, collaboration with threat intelligence services is essential to stay ahead of evolving risks.
For further insights and actionable recommendations, click the link to access the full July and August 2025 META Intelligence Insights Report.
