The MuddyWater advanced persistent threat (APT) group uses various deception techniques to derail detection efforts, such as Chinese strings, Russian strings and the impersonation of a completely different hacking group known as RXR Saudi Arabia. The attack group shows a moderate level of sophistication, but the stage is set for MuddyWater to take things to the next level, researchers said. The group uses multiple relatively simple and expendable tools to infiltrate victims and exfiltrate data, mostly using Python- and PowerShell-based code.
Source: https://threatpost.com/muddywater-apt-custom-tools/144193/

