Muddywater Utilizes Custom Tools to Target Telecom Companies

Summary:

The Iranian espionage group Muddywater targeted telecommunications companies in Egypt, Sudan, and Tanzania in November 2023. The attackers used a diverse set of tools for this activity, including the MuddyC2Go infrastructure, the SimpleHelp remote access tool, and Venom Proxy. They also deployed a custom keylogging tool along with other publicly available and living-off-the-land tools as part of their espionage efforts.

Threat Level – Red | Attack Report
