G0069 MuddyWater
Description
[MuddyWater](https://attack.mitre.org/groups/G0069) is a cyber espionage group assessed to be a subordinate element within Iran's Ministry of Intelligence and Security (MOIS).(Citation: CYBERCOM Iranian Intel Cyber January 2022) Since at least 2017, [MuddyWater](https://attack.mitre.org/groups/G0069) has targeted a range of government and private organizations across sectors, including telecommunications, local government, defense, and oil and natural gas organizations, in the Middle East, Asia, Africa, Europe, and North America.(Citation: Unit 42 MuddyWater Nov 2017)(Citation: Symantec MuddyWater Dec 2018)(Citation: ClearSky MuddyWater Nov 2018)(Citation: ClearSky MuddyWater June 2019)(Citation: Reaqta MuddyWater November 2017)(Citation: DHS CISA AA22-055A MuddyWater February 2022)(Citation: Talos MuddyWater Jan 2022)
References
- https://attack.mitre.org/groups/G0069
- https://www.clearskysec.com/wp-content/uploads/2018/11/MuddyWater-Operations-in-Lebanon-and-Oman.pdf
- https://www.clearskysec.com/wp-content/uploads/2019/06/Clearsky-Iranian-APT-group-%E2%80%98MuddyWater%E2%80%99-Adds-Exploits-to-Their-Arsenal.pdf
- https://www.cybercom.mil/Media/News/Article/2897570/iranian-intel-cyber-suite-of-malware-uses-open-source-tools/
- https://www.cisa.gov/uscert/ncas/alerts/aa22-055a
- https://researchcenter.paloaltonetworks.com/2017/11/unit42-muddying-the-water-targeted-attacks-in-the-middle-east/
- https://blog.talosintelligence.com/2022/01/iranian-apt-muddywater-targets-turkey.html
- https://www.anomali.com/blog/probable-iranian-cyber-actors-static-kitten-conducting-cyberespionage-campaign-targeting-uae-and-kuwait-government-agencies
- https://www.trendmicro.com/en_us/research/21/c/earth-vetala---muddywater-continues-to-target-organizations-in-t.html
- https://reaqta.com/2017/11/muddywater-apt-targeting-middle-east/
Software attributed to this · 5
| Type | Target | Confidence | Tier |
|---|---|---|---|
| Software | STARWHALE (S1037) | 100% | live |
| Software | ConnectWise (S0591) | 100% | live |
| Software | SHARPSTATS (S0450) | 100% | live |
| Software | Mori (S1047) | 95% | live |
| Software | PowGoop (S1046) | 95% | live |