Middle East Internet Company Limited

The organisation operates under the alias Middle East Internet Company Limited.
Its headquarters is situated in Saudi Arabia.
The name reflects a focus on providing internet‑related services in the Middle East region.
As an entity based in the Kingdom, it functions within the broader Middle Eastern telecommunications and internet landscape.

On 1 January 2020, a Hezbollah‑affiliated threat actor known as Lebanese Cedar launched a campaign targeting telecommunications and internet service providers across several countries.
The campaign included a UAE‑based company among its victims.
Attackers exploited unpatched versions of Atlassian and Oracle server software to gain initial access.
Once inside, they deployed web shells to maintain persistent presence on the compromised systems.
The Explosive RAT malware was employed to exfiltrate sensitive information such as customer call records and private databases.
The operation was characterised as an intelligence‑gathering effort aimed at collecting communications and operational data.

Security researchers attributed the activity to Lebanese Cedar by observing reuse of specific tools and consistent operational patterns.
Their analysis revealed that more than 250 servers worldwide were compromised during the course of the campaign.
The victims included telecommunications and internet service providers in several countries, with at least one identified target in the United Arab Emirates.
The incident highlighted the risks posed by unpatched Atlassian and Oracle software in enterprise environments.
It also demonstrated how web shells can be used to maintain covert access over extended periods.
The deployment of Explosive RAT showed the attackers’ ability to exfiltrate detailed call records and private databases for intelligence purposes.