Threat actor Muddy Water extends attacks towards government in Africa.
Kaspersky Lab researchers monitoring the activity of Muddy Water, an advanced threat actor first seen targeting Iraq and Saudi Arabia in 2017, have uncovered a massive operation focused on government entities and more in Africa, Jordan, Turkey, Azerbaijan, Pakistan and Afghanistan, alongside its original targets. The malware is distributed through a highly personalised spear-phishing campaign featuring office documents and asking users to enable embedded macros. The attacks are ongoing.
Muddy Water is a relatively new threat actor that surfaced in 2017 with a campaign focused on government targets in Iraq and Saudi Arabia. Earlier this year, Kaspersky Lab researchers detected a continuous stream of spear-phishing emails targeting a much wider range of countries than previously seen for this threat actor. The campaign peaked in May and June 2018 but is still ongoing.
The content of the spear-phishing messages suggests the main targets are government and military entities, telecoms companies and educational institutions. The emails carry an MS Office 97-2003 file attachment and infection is activated as soon as the user has been persuaded to enable macros.
Kaspersky Lab researchers have analysed the first stages of the attack and are publishing their findings now in Click here to read entire article
Source:: IT News Africa