MuddyWater, an Iranian threat actor, has launched a spear-phishing campaign that uses Rust-based implants called RustyWater to target Middle Eastern entities. This shift in tactics gives the group's malware modular, resilient features.
Key points
- MuddyWater targets diplomatic, maritime, financial, and telecom sectors in the Middle East with spear-phishing emails.
- The campaign uses malicious Word documents with VBA macros to deploy RustyWater implants.
- RustyWater provides features like registry persistence, anti-analysis, and modular post-exploitation capabilities.
- The group has gradually shifted from using remote access software to deploying diverse malware tools.
- Their operations are linked to Iran's Ministry of Intelligence and Security, operating since 2017.
Read More: https://thehackernews.com/2026/01/muddywater-launches-rustywater-rat-via.html