Western security services: Iran's 'Muddywater' hacking group behind widespread cyberattacks

US and British security services say a hacking group called "Muddywater", linked to the Islamic Republic, is behind widespread cyberattacks from Asia to Africa, Europe and North America.
Reuters reported on Thursday, March 25, that investigations by the US Federal Bureau of Investigation, the US Cybersecurity and Infrastructure Security Agency, along with other security agencies in the country and the UK, show that the hacking and espionage group "Muddywater", linked to the Islamic Republic of Iran, is behind widespread and destructive attacks on telecommunications, defense, government and oil and gas targets from Asia to Africa, Europe and North America.
The name of this hacking group has been familiar to cybersecurity institutions and companies for years, and in January of this year, the US Army Cyber Command for the first time accused the "Ministry of Intelligence" and the "Islamic Revolutionary Guard Corps" of using the "Muddywater" group to hack computer networks in different parts of the world and strike "enemies and competitors."
Some reports indicate that Western security agencies have been monitoring this hacking group since 2017.
This is the second hacking group linked to the Islamic Republic to be exposed by global cybersecurity companies and institutions.
Western countries have repeatedly expressed their concern about the malicious cyber activities of Iran, Russia, China, and North Korea.
Recently, the cybersecurity company IBM X-Force also identified three major hacking groups threatening cyberspace in 2021, one of which was Muddywater.
The report described the methods used by these hacking groups as "advanced and defenseless" and said they use various methods to conceal their activities.
Last month, the US Army Cyber Command released the malicious code used by the hacking group so that companies and governments can be better prepared for possible cyberattacks by the group.
According to a spokesperson for this American institution, the disclosure of this code is a step toward informing organizations in the United States and other parts of the world so that they can protect themselves against similar future moves by Iran or other aggressive actors.
The US and British security services have not announced exactly which countries the "Muddywater" group targeted, or specifically which projects and institutions, but the group's name has previously been mentioned in connection with cyberattacks from Turkey and Jordan to Israel, the US, and Europe.
The US Army Cyber Command says the Muddywater group has been struggling to collect data from telecommunications companies and other organizations across the Middle East for years.
Sarah Jones, a senior data analyst at cybersecurity firm Mandiant, said in this regard that Iran has employed multiple teams for cyber espionage, attack, and intelligence gathering.
According to Ms. Jones, the Ministry of Intelligence and the Revolutionary Guard use these teams to advance the goals of the Islamic Republic of Iran in confronting the Iranian regime's enemies and rivals throughout the region.
According to analysts, the "Muddywater" group is one of the key players in Iran's cyber espionage system.
Source: Radio Farda




