US, UK Cyber Agencies Warn Against MuddyWater Cyber Espionage

Cybersecurity agencies from the U.S. and the U.K. issued a joint alert about cyber espionage operations executed by Iranian government-affiliated hacking group MuddyWater.

According to the warning shared by the Cybersecurity and Infrastructure Security Agency, MuddyWater has been spying on defense, local government, oil and gas and communications sectors across the world. The agencies added that the hacking group has been on the move in Africa, Asia, Europe and North America since 2018.

The alert was issued by the FBI, CISA, the U.S. Cyber Command and the United Kingdom’s National Cyber Security Centre, CyberScoop reported.

According to the advisory, the hacking group is in a position to provide stolen data and access information to the Iranian government and other malicious cyber actors. The group also listed the malware and techniques that MuddyWater is using.

The organizations are asking entities to apply appropriate cybersecurity measures to protect their systems from potential threats.

The warning follows research from cybersecurity firm Mandiant that focuses on how MuddyWater used Telegram malware to attack Middle Eastern technology and government organizations.

According to Mandiant analyst Emiel Haeghebaert, MuddyWater has ramped up its operations. He added that the organization has been using legitimate remote access software, workplace applications and network communications capabilities in their operations.