Iranian State-Sponsored Hackers Breach US Airport, Bank, and Software Company Systems


Cyberattacks Attributed to Iranian Threat Group MuddyWater

A recent wave of cyberattacks attributed to the Iranian threat group MuddyWater has compromised several organizations in the United States, including an airport, a bank, and a software company with ties to Israel.

Background on MuddyWater

According to researchers at Broadcom’s Symantec and Carbon Black, the attacks have continued in recent days, despite heightened tensions between the US and Iran following military strikes.

MuddyWater, also known as Seedworm, Mango Sandstorm, Mercury, and Static Kitten, has been linked to the Iranian Ministry of Intelligence and Security (MOIS).

The group has a history of targeting entities in the Middle East for espionage purposes and has been observed using updated Android spyware in previous campaigns.

Latest Attacks

In the latest attacks, MuddyWater deployed a new backdoor called Dindoor on the networks of the software company’s Israeli branch, the US bank, and a Canadian non-governmental organization.

The backdoor was signed with a certificate issued to “Amy Cherne.”

Additionally, the group attempted to exfiltrate data from the software company’s Israeli branch.

Researchers also discovered a Python backdoor called Fakeset on the networks of a US airport and a non-profit organization.

This backdoor was signed with certificates issued to “Amy Cherne” and “Donald Gay”; the “Donald Gay” certificate has been used in previous MuddyWater attacks.
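The two signer names above are the only concrete technical indicators the report gives. The following hunt script is an added example, not code from Symantec, Carbon Black, or the article; it assumes the watchlist holds only the two subject names mentioned here, and the scan roots and output path are placeholders to adjust per environment. It enumerates PE files, reads their Authenticode signer with Get-AuthenticodeSignature, and records every file whose signer subject matches the watchlist, together with the certificate thumbprint, signature status, and file hash so the result can be pivoted on.

```powershell
# Added hunt example (not from the original report). Flags PE files whose Authenticode
# signer subject matches the names reported for the Dindoor and Fakeset samples.
# Assumptions: watchlist = the two subject names on this page; scan roots are placeholders.

$SignerWatchlist = @('Amy Cherne', 'Donald Gay')   # subject names from the page; add thumbprints once a sample is in hand
$ScanRoots = @("$env:ProgramData", "$env:TEMP", "$env:USERPROFILE\Downloads", "$env:SystemRoot\Temp")  # assumed locations
$Pattern = ($SignerWatchlist | ForEach-Object { [regex]::Escape($_) }) -join '|'

$hits = foreach ($root in $ScanRoots) {
    if (-not (Test-Path -Path $root)) { continue }
    Get-ChildItem -Path $root -Recurse -File -Include *.exe, *.dll, *.sys, *.ocx -ErrorAction SilentlyContinue |
        ForEach-Object {
            # Read the embedded Authenticode signature (if any) without executing the file.
            $sig = Get-AuthenticodeSignature -FilePath $_.FullName -ErrorAction SilentlyContinue
            if ($sig -and $sig.SignerCertificate -and $sig.SignerCertificate.Subject -match $Pattern) {
                [pscustomobject]@{
                    Path       = $_.FullName
                    Signer     = $sig.SignerCertificate.Subject
                    Thumbprint = $sig.SignerCertificate.Thumbprint   # pivot value: stable across renamed binaries
                    Issuer     = $sig.SignerCertificate.Issuer
                    Status     = $sig.Status                         # Valid, NotTrusted, HashMismatch, ...
                    SHA256     = (Get-FileHash -Path $_.FullName -Algorithm SHA256).Hash
                }
            }
        }
}

$hits | Format-Table -AutoSize
$hits | Export-Csv -Path "$env:TEMP\signer-hunt.csv" -NoTypeInformation   # placeholder output path
```

A subject-name match is a weak indicator on its own: the name is whatever the certificate applicant supplied, and a signature status of Valid only means the chain is trusted, not that the file is benign. Once a confirmed sample is available, match on the certificate thumbprint instead of the name, and for continuous coverage use the Signature and SignatureStatus fields that Sysmon records on image-load events (Event ID 7) rather than periodic disk scans.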

Conclusion

MuddyWater’s activity has been disrupted, but the researchers warn that other organizations may still be vulnerable to compromise.

The group’s presence on US and Israeli networks prior to the current conflict puts it in a position to launch future attacks.

MuddyWater’s tactics, techniques, and procedures (TTPs) have been well-documented in the past.

The group has been known to target entities in the Middle East, and its involvement in cyber-enabled kinetic targeting has been observed in previous campaigns.

For example, Amazon detailed the group’s involvement in hacking into live CCTV streams from Jerusalem in support of a missile attack.

The recent attacks highlight the ongoing threat posed by MuddyWater and the need for organizations to remain vigilant in the face of evolving cyber threats.
