We discovered a new campaign targeting organizations in Turkey, Pakistan and Tajikistan that has some similarities with an earlier campaign named MuddyWater, which hit various industries in several countries, primarily in the Middle East and Central Asia.

Third party security researchers named the MuddyWater campaign as such because of the difficulties in attributing the attacks.

However, given the nature of the targets, as well as the gathering and uploading of information to C&C servers, it appears that the attackers are mainly concerned with espionage activities — with the Saudi Arabia’s National Cyber Security Center (NCSC) publishing an alert on their website regarding the attacks.

Given the number of similarities, we can assume that there is a connection between these new attacks and the MuddyWater campaign. It also signifies that the attackers are not merely interested in a one-off campaign, but will likely continue to perform cyberespionage activities against the targeted countries and industries.

Comparing the earlier MuddyWater campaign with this new one reveals some distinct similiarities…

Lese weiter auf: Campaign Possibly Connected to “MuddyWater” Surfaces in the Middle East and Central Asia
Quelle: TrendLabs Malware Blog

Kommentare und Fragen
Möchtest Du zu diesem Artikel ein Kommentar abgeben oder hast dazu eine Frage, dann mach dies bitte immer auf der Herausgeberseite!
Aktuelles von TrendLabs Malware Blog
TRADAR | Netzwelt
Hier erhältst Du tagesaktuelle News aus über 100 Blogs zu aktuellen Trends im Internet-Marketing und Nachrichten über StartUps und Projekte. Auf Tradar.de geht es so ziemlich um alle Themen, die den Online-Handel betreffen.