MuddyWater Returns with a New Spear-Phishing Campaign
Attack Report
Summary
MuddyWater, the Iranian nation-state actor, has been identified in a new spear-phishing campaign targeting two Israeli entities and deploying a legitimate remote administration tool known as N-able Advanced Monitoring Agent. This agent is used for remote administration and management of workstations and servers. Notably, MuddyWater is using a new C2 framework, MuddyC2Go, together with the N-able remote monitoring system, indicating that new techniques or tools are being employed in its cyber operations.