The Iranian state-sponsored threat actor known as MuddyWater has been attributed to a new swarm of attacks targeting Turkey and the Arabian Peninsula. The group is known for its attacks on various sectors that help further advance Iran’s geopolitical and national security objectives. The latest campaigns involve the use of malware-laced documents delivered via phishing messages to deploy a remote access trojan called SloughRAT (aka Canopy by CISA) The results of the command are subsequently exfiltrated back to the C2 server.”]
Source: https://thehackernews.com/2022/03/iranian-hackers-targeting-turkey-and.html