Tag: MuddyWater Hackers

Iranian MuddyWater Hackers Adopt New C2 Tool ‘DarkBeatC2’ in Latest Campaign

A new command-and-control (C2) infrastructure named DarkBeatC2 has been linked to the Iranian threat actor MuddyWater. It is the latest tool in the group's toolbox, joining SimpleHarm, MuddyC3, PhonyC2, and MuddyC2Go. Deep Instinct security researcher Simon Kenin stated in a technical paper released last week that MuddyWater's procedures stay the same, even though the group sometimes modifies its C2 framework or switches to a different remote administration tool. MuddyWater, also known as Boggy Serpens, Mango Sandstorm, and TA450, is assessed to be connected to Iran's Ministry of Intelligence and Security (MOIS). It has been actively involved in spear-phishing attacks since at least 2017, which result in the installation of various legitimate Remote Monitoring and Management (RMM)...