The PolySwarm Blog

MuddyWater Using New Backdoor to Target Middle East

Jul 22, 2024 1:09:20 PM / by The Hivemind posted in Threat Bulletin, Middle East, Static Kitten, MuddyWater, MuddyRot, BugSleep

Related Families: MuddyRot aka BugSleep
Verticals Targeted: Transportation, Government, Media, Travel

Executive Summary

Iran-nexus threat actor group MuddyWater was recently observed using a new backdoor to target entities in the Middle East. Dubbed MuddyRot by Sekoia and BugSleep by Check Point Research, the backdoor appears to indicate a shift in MuddyWater’s TTPs.

Iranian Threat Actors Target Hybrid Environment

Apr 21, 2023 2:39:06 PM / by The Hivemind posted in Threat Bulletin, Ransomware, Iran, Muddy Water, Static Kitten, DEV-1084, Mercury

Executive Summary

Iranian threat actors were observed targeting a hybrid environment using ransomware as a decoy for destructive attacks.

Key Takeaways

Muddy Water Uses SloughRAT in Recent Campaigns

Mar 17, 2022 1:21:56 PM / by PolySwarm Tech Team posted in Threat Bulletin, Espionage, Iran, Muddy Water, Static Kitten, SloughRAT, Canopy

Background

Iranian threat actor group Muddy Water has been very active in the last few months. In February, CISA issued an alert warning that the group was conducting a campaign targeting global government and commercial networks. Earlier this month, Cisco’s Talos Intelligence published a blog post on Muddy Water activity targeting Turkey and other countries.
