Hackers with ties to the Iranian Ministry of Intelligence and Security are using a wide range of exploits to pursue their cyber espionage goals. US and UK authorities have released a joint advisory to the public regarding the attacks, which are targeting organizations located around the world. The advisory, published by the Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC), identifies the state-sponsored advanced hacking group as the MuddyWater APT.
The industries targeted by the MuddyWater campaign include telecommunications, defense, local government, and oil and natural gas organizations. The advisory states that the majority of entities targeted are located in Europe, Asia, Africa, and North America. CISA states that the aim of the attacks is to gain access to networks, steal passwords, and obtain sensitive information. The group is leveraging publicly reported vulnerabilities and open-source tools to gain access to the data. Organizations should therefore apply patches as soon as possible to reduce the risk of attack.
Read More: Iran’s hackers are using these tools to steal passwords and deliver ransomware, say FBI and CISA