A new cyber espionage campaign named UNK_SmudgedSerpent has targeted U.S.-based experts focusing on Iran, employing sophisticated phishing tactics and impersonations to gather intelligence. The operation shows strong links to Iranian cyber groups like Charming Kitten and MuddyWater, indicating an evolving espionage ecosystem. #CharmingKitten #MuddyWater
Keypoints
- UNK_SmudgedSerpent targeted academics and foreign policy experts focusing on Iran between June and August 2025.
- The threat group used social engineering, impersonations, and malicious URLs to lure targets into credential harvesting schemes.
- Emails impersonated U.S. think tank representatives and foreign policy figures to increase attack success rates.
- Malicious documents led victims to fake login pages mimicking Microsoft Teams and OnlyOffice to steal credentials.
- The operation demonstrates increased collaboration between Iranian intelligence and cyber units targeting Western policy and strategic research.
Read More: https://thehackernews.com/2025/11/mysterious-smudgedserpent-hackers.html