
Iran-Backed Hackers Are Now Active to Deliver Ransomware Globally

Meet the voice behind Indo-Asian News Service (IANS), a storyteller navigating the currents of global events with precision and depth. Crafting narratives that bridge cultures, IANS brings you the pulse of the world in every word


As Russia goes to war against Ukraine, hackers linked to the Iranian Ministry of Intelligence and Security are exploiting bugs to conduct cyber espionage and other malicious attacks against organizations globally, including in Asia, the US, and the UK, cyber and law authorities have warned.

The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the US Cyber Command Cyber National Mission Force (CNMF), and the United Kingdom’s National Cyber Security Centre (NCSC-UK) have observed a group of Iranian government-sponsored advanced persistent threat (APT) actors, known as MuddyWater.

It is conducting cyber espionage and other malicious cyber operations targeting a range of government and private-sector organisations across sectors – including telecommunications, defense, local government, and oil and natural gas – in Asia, Africa, Europe, and North America, the agencies said in a statement late on Thursday.

According to CISA, the aim of the attacks is to gain access to networks to steal passwords and sensitive information “to share these with other malicious cyber actors”.

MuddyWater is a subordinate element within the Iranian Ministry of Intelligence and Security (MOIS).

This APT group has conducted broad cyber campaigns in support of MOIS objectives since approximately 2018. MuddyWater actors are positioned both to provide stolen data and access to the Iranian government and to share these with other malicious cyber actors, said the agencies.

MuddyWater actors are known to exploit publicly reported vulnerabilities and use open-source tools and strategies to gain access to sensitive data on victims’ systems and deploy ransomware.

The authorities have recommended that organizations apply the mitigations in this advisory and review the following resources for additional information.

