Threats Feed

Entities in the Middle East, including Saudi Arabia and Iraq, were targeted by an early MuddyWater phishing campaign predominantly aimed at the government sector. Spear-phishing emails carrying malicious attachments were a key tactic, with PowerShell scripts being sourced from Pastebin and Filebin. To avoid detection, the attackers concealed their scripts. Upon examining the macro code and command and control scripts, parallels were found with a campaign previously discussed by Morphisec.