Also tracked as MERCURY, Seedworm, and Static Kitten, MuddyWater was initially detailed in 2017. The threat actor is known for conducting espionage campaigns focused on entities in the Middle East, but has targeted entities in Europe and North America as well.
The hacking group, the military agency notes, employs various open-source tools that allow it to maintain access to compromised networks, and administrators should assume they have been compromised if they identify multiple such tools in their environment.