Iran's MuddyWater phishes Israeli orgs with custom BugSleep backdoor
2024-07-17 00:00

MuddyWater, an Iranian government-backed cyber espionage crew, has upgraded its malware with a custom backdoor, which it's used to target Israeli organizations.

It's since moved on to phishing campaigns that deploy a new backdoor - dubbed BugSleep - according to Check Point Research.

Since February, Check Point has documented more than 50 such mails sent to hundreds of individuals across ten sectors of the Israeli economy.

"In a link sent to a transportation company in Saudi Arabia, the displayed name of the owner was Khaled Mashal, the former head of Hamas and one of its prominent leaders," Check Point Research wrote.

"We discovered several versions of the malware being distributed, with differences between each version showing improvements and bug fixes," Check Point suggested.

Another version of the malware also includes a custom shellcode loader.


News URL

https://go.theregister.com/feed/www.theregister.com/2024/07/17/irans_muddywater_phishes_israeli_orgs/