Threats Feed
Continuing MuddyWater Phishing Campaign Targets Middle East and Pakistan
The MuddyWater group continues its cyber-espionage operations, using obfuscated PowerShell scripts embedded in Word documents to infiltrate systems. These documents masquerade as coming from legitimate entities, such as the Federal Investigation Agency of Pakistan. The tactics combine sophisticated obfuscation techniques with a careful reconnaissance strategy, and the targeting focuses primarily on the Middle East and Pakistan. The campaign deploys a variety of tools, including C&C servers and proxies, and pays close attention to avoiding detection by analysis tools.
Unveiling MuddyWater Phishing Campaign: Middle Eastern Governments in the Crosshairs
Entities in the Middle East, including Saudi Arabia and Iraq, were targeted by an early MuddyWater phishing campaign predominantly aimed at the government sector. Spear-phishing emails carrying malicious attachments were a key tactic, with PowerShell scripts being sourced from Pastebin and Filebin. To avoid detection, the attackers concealed their scripts. Upon examining the macro code and command and control scripts, parallels were found with a campaign previously discussed by Morphisec.