Email security

Novel MuddyWater phishing campaign hits Israel

Share
A computer screen displays a digital alert of an email phishing threat, accompanied by a striking red warning sign.

Information security, technology, and manufacturing organizations across Israel have been targeted with a new phishing campaign by Iranian state-sponsored threat operation MuddyWater, also known as TA450 and Mango Sandstorm, involving Atera Agent remote monitoring and management tool deployment earlier this month, reports The Hacker News.

Attacks commenced with the delivery of malicious emails with PDF attachments linking to file-sharing site-hosted documents, which when opened fetches an MSI installer-containing ZIP archive that prompts Atera Agent installation, according to a report from Proofpoint. "While this method is not foreign to TA450, the threat actor has more recently relied on including malicious links directly in email message bodies instead of adding in this extra step," said researchers. Such a development follows an OP Innovate report detailing Iranian hacktivist operation Lord Nemesis' compromise of software services provider Rashim Software to facilitate a software supply chain attack against academic institutions in Israel.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.