
MuddyWater targets African telecommunications companies

Telecommunications firms in Egypt, Tanzania, and Sudan were attacked last month by the Iranian state-sponsored threat operation MuddyWater, reports The Record, a news site by cybersecurity firm Recorded Future. According to a report from Symantec, MuddyWater used several tools in the attacks: the new MuddyC2Go toolset and its PowerShell launcher for malware deployment; the SimpleHelp remote management software for continuous access to compromised devices and command execution; and the Venom Proxy software for managing intranet-connected devices. The intrusions mark the first time MuddyWater has set its sights on the African region and were likely conducted as espionage operations amid the ongoing conflict between Israel and Palestinian militant group Hamas, which also involves Egypt, said Symantec threat intelligence analyst Marc Elias. "The targeted country that most stood out was Egypt, which has a border with Gaza and Israel and is quite involved in the ongoing war," Elias added.
