### An Emerging Trend of Government Agencies Delegating Their Hacking Activities
A recent probe has uncovered that hackers persist in utilizing conventional strategies to breach iPhones and Android gadgets. This inquiry, brought to light by TechCrunch, involved three cybersecurity research organizations that teamed up to generate reports on an extended hack-for-hire initiative targeting journalists, activists, and officials in the Middle East and North Africa.
As per insights from Access Now, Lookout, and SMEX, the assaults focused on civilians and government representatives across multiple nations, including the UK and possibly the US. Access Now analyzed three specific attack occurrences that took place between 2023 and 2025, while Lookout linked these events to the hack-for-hire group BITTER APT, affiliated with the Indian hack-for-hire company Appin.
In comparison to recent advanced exploit attacks such as the Coruna and DarkSword exploits, which employed intricate chains of vulnerabilities to compromise obsolete devices, this initiative relied on more straightforward approaches, mainly phishing. The hackers intended to mislead iPhone users into disclosing their Apple ID credentials, thereby gaining access to iCloud backups and, ultimately, the comprehensive content of the targets’ devices.
Lookout’s analysis pinpointed nearly 1,500 web addresses that masqueraded as legitimate services, hosting phishing pages and other harmful materials. Specific phishing domains aimed at Apple users included:
– facetime-web[.]me-en[.]io
– apple[.]id-us[.]cc
– icloud[.]com-ar[.]me
– icloud[.]com-service[.]info
– signin-apple[.]com-en-uk[.]info
The initiative reached beyond Apple, also aiming at users of Google, Microsoft, Signal, WhatsApp, and Yahoo, utilizing a range of hacking and phishing methods.
TechCrunch highlighted that this pattern reflects an increasing tendency among government agencies to delegate hacking operations to private hack-for-hire enterprises. This setup offers these agencies plausible deniability, as private firms handle all operations and infrastructure. Moreover, engaging these groups may be more economical than acquiring commercial spyware, according to Justin Albrecht, a principal researcher at Lookout.
For additional information, TechCrunch’s report can be found [here](https://techcrunch.com/2026/04/08/hack-for-hire-group-caught-targeting-android-devices-and-icloud-backups/).