Iran-linked hackers target Israeli, Egyptian critical infrastructure through phishing campaign

MuddyWater, an Iran-linked threat actor, is targeting critical infrastructure in Egypt and Israel with sophisticated spyware disguised as the Snake game. The campaign involves spearphishing, customized malware, and credential theft tools, demonstrating increased technical evolution and evasion techniques.

Key points

  • MuddyWater conducted cyberattacks on Egyptian and Israeli critical infrastructure between September 2024 and March 2025.
  • The threat actor used spearphishing emails with PDF attachments linking to spyware hosted on file-sharing platforms.
  • The malware, MuddyViper, includes a loader called Fooder that mimics the Snake game to evade detection.
  • MuddyViper can exfiltrate credentials, gather system information, and execute commands on infected devices.
  • The campaign shows signs of technical advancement, including strategic targeting and sophisticated evasion techniques.

Read More: https://therecord.media/iran-linked-hackers-target-israel-egypt-phishing