'MuddyWater': Iran's Ministry of Intelligence and Security running malicious cyber campaigns, warns US

WION Web Team
Washington, United States Updated: Feb 25, 2022, 09:48 AM(IST)

Reportedly MuddyWater actors exploit publicly known vulnerabilities and use open-source tools and strategies to gain access to victims' data and deploy ransomware.  Photograph:( Twitter )

Story highlights

Authorities have reported that Iranian actors known as MuddyWater are conducting malicious cyber operations against telecommunications, defence, local government, and oil and natural gas sectors

US security and law enforcement agencies warned in a joint Cybersecurity Advisory (CSA) on Thursday that Iran-linked cyber operations are targeting a variety of government and private-sector organisations in Asia, Africa, Europe, and North America.

The advisory was issued by the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA), along with US Cyber Command Cyber National Mission Force (CNMF), the United Kingdom’s National Cyber Security Centre (NCSC-UK), and the National Security Agency (NSA).

Also read | As predicted by US, Ukraine hit by cyber attacks amid Russian invasion fears

Authorities have reported that Iranian actors known as MuddyWater are conducting malicious cyber operations against telecommunications, defence, local government, and oil and natural gas sectors.

×

As per the advisory MuddyWater is conducting cyber espionage and other malicious cyber operations as part of Iran’s Ministry of Intelligence and Security (MOIS).

It proceeds to mention aliases of MuddyWater, namely 'Earth Vetala', 'MERCURY', 'Static Kitten', 'Seedworm', and 'TEMP.Zagros'.

"This Advanced Persistent Threat (APT) group has conducted broad cyber campaigns in support of MOIS objectives since approximately 2018. MuddyWater actors are positioned both to provide stolen data and accesses to the Iranian government and to share these with other malicious cyber actors."

Reportedly MuddyWater actors exploit publicly known vulnerabilities and use open-source tools and strategies to gain access to victims' data and deploy ransomware. 

Iran's mission to the United Nations in New York rejected "these baseless allegations and believes these allegations are part and parcel of the psychological warfare waged against Iran and of no factual or legal value whatsoever," a spokesman said.

(With inputs from agencies)

Read in App