New C2 framework leveraged by MuddyWater

30 June 2023

Attacks by Iranian state-backed threat group MuddyWater, also known as Mango Sandstorm and Mercury, against Israeli research institute Technion, as well as PaperCut servers have involved the utilization of the PhonyC2 post-exploitation command-and-control framework, according to The Hacker News. While PhonyC2 had similarities with MuddyWater’s previous MuddyC3 framework, attackers have implemented continuous updates to the new framework and its tactics, techniques, and procedures, a report from Deep Instinct revealed.

Source: SC Magazine

Date:

30 June 2023

Categorie(s):

NEWS

Tag(s):

C2, IT, MuddyWater, New, News

Microsoft plans to lock down Windows DNS like never before. Here’s how.4 May 2024
Kaspersky hits back at claims its AI helped Russia develop military drone systems4 May 2024
Kaspersky hits back at claims it helped Russia develop military drone systems3 May 2024
Smoke and (screen) mirrors: A strange signed backdoor3 May 2024
Kaspersky accused of helping Russia develop military drone systems3 May 2024