During our daily threat hunting activities we have come across a tweet reporting an active spear-phishing campaign apparently targeting Turkey. After an initial assessment we decided to investigate further, finding similarities with other campaigns active in the recent past and possibly coming from the same actors.

MuddyWater is a threat actor that caught our attention for their extensive use of “Living off the Land” attacks in a targeted campaign aimed at the Middle East. During our investigation we reconstruct the evolution of the vectors used and how the group operates to  target their victims, evade detections and move laterally inside the compromised […]

Eset published the analysis of Dino, a recently discovered APT that seems to be tied to the Animal Farm, the same group that allegedly developed Casper, Babar (previously analyzed by ReaQta) and Bunny.