The Iranian nation-state actor MuddyWater has been using a new command-and-control (C2) framework called MuddyC2Go in cyber espionage attacks on the telecommunications sector in Egypt, Sudan, and Tanzania. The activity, also tracked as Seedworm, involves a Golang-based tool that replaces PhonyC2 and MuddyC3. MuddyWater, linked to Iran’s Ministry of Intelligence and Security, has been active since at least 2017, primarily targeting entities in the Middle East. The attacks involve the use of SimpleHelp, Venom Proxy, a custom keylogger, and other publicly available tools, aiming to evade detection and achieve strategic objectives. The latest intrusions occurred in November 2023. Symantec recommends that organizations be vigilant regarding suspicious use of PowerShell on their networks.