STORMOUS began operations as early as March 2021 by creating an online instant-messaging channel, a dark web page, and a Tor service. The group has used these outlets to post Arabic and English anti-US messaging and claims of cyber activity— including ransomware attacks, data theft, and website defacements—against US companies. STORMOUS appears to be an organized group centrally directed by a hacker known as “Darksat”. Some of the group’s actors also have ties to other Middle East-based malicious hacker groups, such as Yemeni Ghost and EGY Team.