
CTI Research: MuddyWater/Seedworm (Mango Sandstorm)

By Ali Nemati, 11 hours ago (38 sec read)

MuddyWater is a cyber espionage group linked to Iran's Ministry of Intelligence and Security (MOIS) since approximately 2018. First documented by Unit 42 in November 2017, MuddyWater has targeted Middle Eastern organizations using a variety of tactics over the years, including exploiting CVEs, deploying custom malware such as BugSleep and BlackBeard, and leveraging remote monitoring and management (RMM) tools for phishing campaigns. The group's activities have expanded globally, and recent operations show a shift beyond espionage towards destructive capabilities. More than 10 independent cybersecurity firms attribute overlapping campaigns to MuddyWater, providing strong evidence of technical continuity across the different phases of the group's activity from 2017 through 2026.

Read the full article at InfoSec Write-ups - Medium

