The US Cyber Command’s Cyber National Mission Force has identified the MuddyWater hacking group as an operation funded by the government of Iran, possibly under the Iranian Ministry of Intelligence and Security (MOIS).


The U.S. government has said MOIS conducts internal surveillance to identify opponents of the regime, in addition to monitoring the activity of foreign actors. In its report, US Cyber Command points out that this group is characterized by its use of the PowGoop DLL side-loader, which tricks legitimate software into running malware and hides the group's C&C communications.

The agency also mentions that multiple JavaScript samples were detected that are used to deploy the Mori backdoor, which creates a DNS tunnel to establish C&C communications: “The identification of these indicators of compromise demonstrates an attack deployed by Iranian hackers,” the report adds.

This group was first identified in 2017 by researchers at security firm Mandiant: “Iran controls various cyber espionage operations, cyberattacks and theft of sensitive information. The security services that sponsor these groups (IRGC and MOIS) use them to gain a strategic advantage against their local opponents and in other countries,” the experts’ report said.

In its first attacks, MuddyWater was noted for attacking various targets in the Middle East, including government agencies, telecommunications companies and oil companies. Its most recent attacks targeted private companies in Europe and North America.


The post MuddyWater hacking group is Iranian appeared first on Cyber Security News | Exploit One | Hacking News.

By admin