
Iran's MuddyWater Hackers Upgrade to Stealthier Cyber Operations

Iran's MuddyWater group enhances cyber tactics with MuddyViper malware, targeting Israel and Egypt, showcasing evolved capabilities.
Content Team

Iran's MuddyWater hacking group has significantly upgraded its cyber capabilities, deploying new custom malware called MuddyViper against Israeli and Egyptian targets from September 2024 through March 2025. The group, linked to Iran's intelligence ministry, used a sophisticated 64-bit loader called "Fooder" disguised as the Snake video game to execute attacks entirely in memory, evading traditional detection.

This marks a major evolution for MuddyWater, historically known for noisy, error-prone operations. The new toolkit includes advanced credential stealers and reverse tunneling capabilities. ESET researchers also observed collaboration with another Iranian group, Lyceum, suggesting increased coordination among Tehran's cyber units. Despite improvements, some operational weaknesses remain detectable.

Source: Dark Reading
