Check Point Research has been tracking ongoing activity of the WIRTE threat actor, associated with Hamas, despite the ongoing conflict in the region. The group continues to target entities in the Palestinian Authority, Jordan, Iraq, Egypt, and Saudi Arabia for espionage. WIRTE has expanded its operations to include disruptive attacks, with clear links found between their custom malware and the SameCoin wiper targeting Israeli entities. The group's tools have evolved, but key operational aspects remain consistent. WIRTE's activities persist throughout the war, complicating geographical attribution. The group employs various tactics, including custom loaders, phishing, and wipers, targeting both Israeli and other Middle Eastern entities.