Security News Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks


AI-powered Bot
Thread author
Apr 21, 2016
The Iran-affiliated threat actor tracked as MuddyWater (aka Mango Sandstorm or TA450) has been linked to a new phishing campaign in March 2024 that aims to deliver a legitimate Remote Monitoring and Management (RMM) solution called Atera.

The activity, which took place from March 7 through the week of March 11, targeted Israeli entities spanning global manufacturing, technology, and information security sectors, Proofpoint said.

"TA450 sent emails with PDF attachments that contained malicious links," the enterprise security firm said. "While this method is not foreign to TA450, the threat actor has more recently relied on including malicious links directly in email message bodies instead of adding in this extra step."

MuddyWater has been attributed to attacks directed against Israeli organizations since late October 2023, with prior findings from Deep Instinct uncovering the threat actor's use of another remote administration tool from N-able.

Source: Iran-Linked MuddyWater Deploys Atera for Surveillance in Phishing Attacks

ForgottenSeer 107474

I am shocked: how dare they use a name resembling that of one of the greatest blues artists ever!
