Iran cyberespionage campaign s targets (Source: Trend Micro)
Hackers with suspected ties to Iran are continuing to wage a cyberespionage campaign against government agencies, academia and tourism organizations in the Middle East and nearby, according to a report by Trend Micro.
The spear-phishing campaign, dubbed Earth Vetala, which is designed to steal data, exploits remote admin tools such as ScreenConnect and Remote Utilities that allow system administrators to remotely manage their enterprise systems, Trend Micro says.
“We believe, with moderate confidence, that this newly identified activity is connected to [the threat group] MuddyWater, also known as TEMP.Zagros, Static Kitten and Seedworm,” the researchers note.