Tag: MuddyWater
-
Iran’s MuddyWater phishes Israeli orgs with custom BugSleep backdoor
MuddyWater, an Iranian government-backed cyber espionage crew, has upgraded its malware with a custom backdoor, which it’s used to target …
-
Iranian MuddyWater Upgrades Arsenal With New Custom Backdoor
MuddyWater, an Iranian threat group, has recently started using a new, tailor-made backdoor to attack IT systems in the Middle East, …
-
Novel C2 tool leveraged in latest MuddyWater attacks
Iranian state-backed threat operation MuddyWater, also known as TA450, Mango Sandstorm, and Boggy Sandstorm, leveraged the novel DarkBeatC2 …
-
Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks
The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March …
-
MuddyWater targets African telecommunications companies
Telecommunications firms in Egypt, Tanzania, and Sudan have been subjected to attacks by Iranian state-sponsored threat operation …
-
MuddyWater attacks against Israel involve novel C2 framework
Attacks deployed by Iranian state-backed threat operation MuddyWater against Israel saw the utilization of the new MuddyC2Go …
-
Israel subjected to new MuddyWater spear-phishing attacks
Two Israeli organizations have been targeted by Iranian state-backed threat operation MuddyWater, also known as Mango Sandstorm and Static …
-
Iran’s MuddyWater Group Targets Israelis with Fake Memo Spear-Phishing
MuddyWater is using a fake memo from the Israeli Civil Service Commission as a lure to trick victims into downloading a RAT. Iranian …
-
Iran’s MuddyWater Targets Israel in New Spear-Phishing Cyber Campaign
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to …
-
New C2 framework leveraged by MuddyWater
Attacks by Iranian state-backed threat group MuddyWater, also known as Mango Sandstorm and Mercury, against Israeli research institute …
-
New MuddyWater attacks involve SimpleHelp remote admin tool
Iranian state-sponsored threat operation MuddyWater has been using SimpleHelp remote support software to ensure persistence in devices that …
-
MuddyWater Uses SimpleHelp to Target Critical Infrastructure Firms
The Iranian government-sponsored threat actor known as MuddyWater has been observed using the legitimate SimpleHelp remote support software …