Verticals Targeted: None specified
Regions Targeted: Iran, Middle East
Related Families: None specified
Static Kitten Observed Using DCHSpy Android Malware
Aug 1, 2025 1:17:27 PM / by The Hivemind posted in Threat Bulletin, Static Kitten, Spyware, Data Exfiltration, Mobile Security, DCHSpy, Android surveillanceware, Starlink spoofing, Iranian malware, Middle East cyber threats, VPN phishing
MuddyWater Using New Backdoor to Target Middle East
Jul 22, 2024 1:09:20 PM / by The Hivemind posted in Threat Bulletin, Middle East, Static Kitten, MuddyWater, MuddyRot, BugSleep
Related Families: MuddyRot aka BugSleep
Verticals Targeted: Transportation, Government, Media, Travel
Executive Summary
Iran nexus threat actor group MuddyWater was recently observed using a new backdoor to target entities in the Middle East. Dubbed MuddyRot by Sekoia and BugSleep by Check Point Research, the backdoor appears to indicate a shift in MuddyWater’s TTPs.
Iranian Threat Actors Target Hybrid Environment
Apr 21, 2023 2:39:06 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Iran, Muddy Water, Static Kitten, DEV-1084, Mercury
Executive Summary
Iranian threat actors were observed targeting a hybrid environment using ransomware as a decoy for destructive attacks.
Key Takeaways
Muddy Water Uses SloughRAT in Recent Campaigns
Mar 17, 2022 1:21:56 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, Iran, Muddy Water, Static Kitten, SloughRAT, Canopy
Background
Iranian threat actor group Muddy Water has been very active in the last few months. In February, CISA issued an alert warning that the group was conducting a campaign targeting global government and commercial networks. Earlier this month, Cisco’s Talos Intelligence published a blog post on Muddy Water activity targeting Turkey and other countries.