• Skip to main content
  • Skip to secondary menu
  • Skip to primary sidebar
  • Home
  • Contact Us

iHash

News and How to's

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24
  • News
    • Rumor
    • Design
    • Concept
    • WWDC
    • Security
    • BigData
  • Apps
    • Free Apps
    • OS X
    • iOS
    • iTunes
      • Music
      • Movie
      • Books
  • How to
    • OS X
      • OS X Mavericks
      • OS X Yosemite
      • Where Download OS X 10.9 Mavericks
    • iOS
      • iOS 7
      • iOS 8
      • iPhone Firmware
      • iPad Firmware
      • iPod touch
      • AppleTV Firmware
      • Where Download iOS 7 Beta
      • Jailbreak News
      • iOS 8 Beta/GM Download Links (mega links) and How to Upgrade
      • iPhone Recovery Mode
      • iPhone DFU Mode
      • How to Upgrade iOS 6 to iOS 7
      • How To Downgrade From iOS 7 Beta to iOS 6
    • Other
      • Disable Apple Remote Control
      • Pair Apple Remote Control
      • Unpair Apple Remote Control
  • Special Offers
  • Contact us

MuddyWater Hackers Target Asian and Middle East Countries with Updated Tactics

Dec 9, 2022 by iHash Leave a Comment

Dec 09, 2022Ravie LakshmananThreat Intelligence / Cyber Attack

The Iran-linked MuddyWater threat actor has been observed targeting several countries in the Middle East as well as Central and West Asia as part of a new spear-phishing activity.

“The campaign has been observed targeting Armenia, Azerbaijan, Egypt, Iraq, Israel, Jordan, Oman, Qatar, Tajikistan, and the United Arab Emirates,” Deep Instinct researcher Simon Kenin said in a technical write-up.

MuddyWater, also called Boggy Serpens, Cobalt Ulster, Earth Vetala, Mercury, Seedworm, Static Kitten, and TEMP.Zagros, is said to be a subordinate element within Iran’s Ministry of Intelligence and Security (MOIS).

Active since at least 2017, attacks mounted by the espionage group have typically targeted telecommunications, government, defense, and oil sectors.

CyberSecurity

The current intrusion set follows MuddyWater’s long-running modus operandi of using phishing lures that contain direct Dropbox links or document attachments with an embedded URL pointing to a ZIP archive file.

It’s worth mentioning here that the messages are sent from already compromised corporate email accounts, which are being offered for sale on the darknet by webmail shops like Xleet, Odin, Xmina, and Lufix anywhere between $8 to $25 per account.

While the archive files have previously harbored installers for legitimate tools like ScreenConnect and RemoteUtilities, the actor was observed switching to Atera Agent in July 2022 in a bid to fly under the radar.

But in a further sign that the campaign is being actively maintained and updated, the attack tactics have been tweaked yet again to deliver a different remote administration tool named Syncro.

The integrated MSP software offers a way to completely control a machine, allowing the adversary to conduct reconnaissance, deploy additional backdoors, and even sell access to other actors.

“A threat actor that has access to a corporate machine via such capabilities has nearly limitless options,” Kenin noted.

The findings come as Deep Instinct also uncovered new malware components employed by a Lebanon-based group tracked as Polonium in its attacks aimed exclusively at Israeli entities.

“Polonium is coordinating its operations with multiple tracked actor groups affiliated with Iran’s Ministry of Intelligence and Security (MOIS), based on victim overlap and the following common techniques and tooling,” Microsoft noted in June 2022.

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.

Source link

Share this:

  • Facebook
  • Twitter
  • Pinterest
  • LinkedIn

Filed Under: Security Tagged With: Asian, computer security, Countries, cyber attacks, cyber news, cyber security news, cyber security news today, cyber security updates, cyber updates, data breach, East, hacker news, Hackers, hacking news, how to hack, information security, Middle, muddywater, network security, ransomware malware, software vulnerability, Tactics, Target, the hacker news, updated

Special Offers

  • The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

    The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59
  • The Complete 2023 Business Accounting Mastery Bundle for $49

    The Complete 2023 Business Accounting Mastery Bundle for $49
  • Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125

    Universal VR Set Glasses Goggle Bundle for PC Android Phone for iPhone for $125
  • Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

    Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44
  • VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

    VYSN RockinPods TWS Waterproof Bluetooth Earbuds for $24

Reader Interactions

Leave a Reply Cancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

Primary Sidebar

  • Facebook
  • GitHub
  • Instagram
  • Pinterest
  • Twitter
  • YouTube

More to See

Dotan Horovits

Is Kubernetes Monitoring Flawed? | Logz.io

Feb 7, 2023 By iHash

New Survey Finds Consumers Give Chatbots a Failing Grade in Customer Experience

Feb 7, 2023 By iHash

Tags

* Apple Cisco computer security cyber attacks cyber crime cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber threats cyber updates data breach data breaches google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security breaches security vulnerabilities software vulnerability the hacker news Threat update video Vulnerabilities web applications

Latest

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

The Power of Relationships: Executive Buy-In and Security Culture for Bolstering Resilience

“Where do we start?” This is the question every CISO asks about every new program. In fact, I ask and answer that question many times a month. There’s a reason for this, of course. A strong start to any project builds momentum, reassures stakeholders, and sets the stage for what’s to come. Security resilience initiatives […]

Cisco Secure at Cisco Live EMEA 2023

Cisco Secure at Cisco Live EMEA 2023

Cisco Live is the premier destination for Cisco customers and partners to gain knowledge and build community. Our teams work hard to deliver education and inspiration, ignite creativity, deliver practical know-how, and accelerate the connections that fuel your digital future. The Cisco Secure team is excited to share our expertise to help power the strategies […]

The 2023 Adobe Creative Cloud Beginner to Advance Bundle for $59

Expires November 25, 2122 23:59 PST Buy now and get 97% off Adobe Acrobat Pro DC (Beginner) KEY FEATURES Workplace demand for digital media skills including creating, managing, and integrating PDF documents is on the rise. In this course, students will learn the basics of creating PDF documents and modifying PDFs within Adobe Acrobat DC […]

Implementing AI into Enterprise Search to Make It Smarter

AI has the potential to be a game-changer for businesses that are experiencing a digital transformation, provided that it is correctly applied. While the economy is still struggling to recover, the value of technology like Machine Learning (ML) and Natural Language Processing (NLP) is on the rise. These technologies assist businesses in initiating and accelerating […]

GuLoader Malware Using Malicious NSIS Executables to Target E-Commerce Industry

Feb 06, 2023Ravie LakshmananCyber Attack / Endpoint Security E-commerce industries in South Korea and the U.S. are at the receiving end of an ongoing GuLoader malware campaign, cybersecurity firm Trellix disclosed late last month. The malspam activity is notable for transitioning away from malware-laced Microsoft Word documents to NSIS executable files for loading the malware. […]

Scanner Device Detector for GPS Tracker Wireless Listening Device Camera Finder 5 Levels Sensitivity 25H Working Time for $44

Expires January 31, 2123 18:01 PST Buy now and get 61% off PRODUCT SPECS Batteries Required? Yes Power Source Battery Powered Item Dimensions LxWxH 4.1 x 0.97 x 0.58 inches Battery Life 25 Hours function logProductOverviewMetric(metric) { if(typeof window.csa !== ‘undefined’) { var myEvents = csa(“Events”, {producerId: “dppinfo”}); myEvents(“log”, { schemaId: “dppinfo.productOverviewClientSideEvents.1”, eventName: metric }, […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

  Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate.   Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

  Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

Copyright iHash.eu © 2023
We use cookies on this website. By using this site, you agree that we may store and access cookies on your device. Accept Read More
Privacy & Cookies Policy

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.
Non-necessary
Any cookies that may not be particularly necessary for the website to function and is used specifically to collect user personal data via analytics, ads, other embedded contents are termed as non-necessary cookies. It is mandatory to procure user consent prior to running these cookies on your website.
SAVE & ACCEPT