The Iranian government-sponsored threat actor known as MuddyWater has been observed using the legitimate SimpleHelp remote support software tool to achieve persistence on victim devices. According to a new advisory by Group-IB, the software used as part of these attacks is not compromised.
Read full article on Infosecurity