MuddyWater

Also known as: MuddyWater · TEMP.Zagros · Static Kitten · Seedworm · MERCURY · COBALT ULSTER · G0069 · ATK51 · Boggy Serpens · Mango Sandstorm · TA450 · Earth Vetala

Known aliases: 12

Profile

The MuddyWater attacks are primarily against Middle Eastern nations. However, we have also observed attacks against surrounding nations and beyond, including targets in India and the USA. MuddyWater attacks are characterized by the use of a slowly evolving PowerShell-based first stage backdoor we call “POWERSTATS”. Despite broad scrutiny and reports on MuddyWater attacks, the activity continues with only incremental changes to the tools and techniques.


Related by meaning · 6

Nearest entities by semantic similarity across the cs-graph corpus.

Software: POWERSTATS
Actor: APT39
Software: SHARPSTATS
Software: STARWHALE
Actor: Storm-1084
Actor: Gray Sandstorm

Sourced from MISP-Galaxy Threat Actor cluster. Curated by Adam Lundqvist, Founder at SQUR.