image credit: freepik
The Iranian nation-state actor known as MuddyWater has been linked to a new spear-phishing campaign targeting two Israeli entities to ultimately deploy a legitimate remote administration tool from N-able called Advanced Monitoring Agent.
Cybersecurity firm Deep Instinct, which disclosed details of the attacks, said the campaign “exhibits updated TTPs to previously reported MuddyWater activity,” which has, in the past, used similar attack chains to distribute other remote access tools like ScreenConnect, RemoteUtilities, Syncro, and SimpleHelp.
Comments are closed.
