Cyber Espionage Group Compromises Government Agencies, Oil & Gas, NGOs, Telecoms, IT Firms

Symantec researchers have uncovered extensive insights into a cyber espionage group behind a recent series of cyber attacks designed to gather intelligence on targets spread primarily across the Middle East as well as in Europe and North America.

The group, which we call Seedworm (aka MuddyWater), has been operating since at least 2017, with its most recent activity observed in December 2018.

Analysts in our DeepSight Managed Adversary and Threat Intelligence (MATI) team have found a new backdoor, Backdoor.Powemuddy, new variants of Seedworm’s Powermud backdoor (aka POWERSTATS), a GitHub repository used by the group to store their scripts, as well as several post-compromise tools the group uses to exploit victims once they have established a foothold in their network.

Read more at Symantec
