US Military Ties Prolific MuddyWater Cyberespionage APT to Iran

U.S. Cyber Command has confirmed that MuddyWater – an advanced persistent threat (APT) cyberespionage actor aka Mercury, Static Kitten, TEMP.Zagros or Seedworm that’s historically targeted government victims in the Middle East – is an Iranian intelligence outfit.
The link has been suspected, and now it’s government-stamped. On Wednesday, USCYBERCOM not only confirmed the tie; it also disclosed the plethora of open-source tools and strategies MuddyWater uses to break into target systems and released malware samples.
“MuddyWater has been seen using a variety of techniques to maintain access to victim networks,” according to USCYBERCOM’S National Mission Force (CNMF). “These include side-loading DLLs in order to trick legitimate programs into running malware and obfuscating PowerShell scripts to hide command and control functions.”

Read more about it here.