The Iran-linked APT group Seedworm (MuddyWater) is actively targeting US critical infrastructure sectors using new, unspecified backdoors for network persistence. This activity, attributed to Iran's MOIS, represents a heightened threat of broader cyber operations amid regional tensions. Security teams should review network logs for anomalous activity and apply threat intelligence related to this group's known TTPs.
An Iran-linked hacking group has been active inside the networks of several US organizations since early February, raising concerns that the activity could precede broader cyber operations connected to escalating geopolitical tensions in the Middle East.

New backdoors used by Seedworm

Symantec and Carbon Black researchers have attributed the activity to Seedworm (aka MuddyWater), an Iranian advanced persistent threat (APT) group that has been linked to Iran’s Ministry of Intelligence and Security (MOIS), and is …

The post Iran-linked APT targets US critical sectors with new backdoors appeared first on Help Net Security.